System and Organization Controls (SOC)
GPTKB entity
Statements (49)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
audit framework
|
| gptkbp:abbreviation |
SOC
|
| gptkbp:developedBy |
gptkb:American_Institute_of_Certified_Public_Accountants
|
| gptkbp:focusesOn |
gptkb:security
privacy availability confidentiality internal controls processing integrity |
| gptkbp:governingBody |
gptkb:AICPA
|
| gptkbp:hasType |
gptkb:SOC_1
gptkb:SOC_2 gptkb:SOC_3 SOC for Cybersecurity SOC for Supply Chain |
| https://www.w3.org/2000/01/rdf-schema#label |
System and Organization Controls (SOC)
|
| gptkbp:introducedIn |
2011
|
| gptkbp:preparedBy |
independent CPA firm
|
| gptkbp:relatedStandard |
gptkb:Trust_Services_Criteria
COSO Framework |
| gptkbp:reportsTo |
Type I
Type II |
| gptkbp:reportUsedFor |
gptkb:legislation
vendor management customer assurance internal governance |
| gptkbp:SOC_1 |
focusesOnFinancialReportingControls
reportTypeI reportTypeII usedByUserAuditors |
| gptkbp:SOC_2 |
criteriaIncludesAvailability
criteriaIncludesConfidentiality criteriaIncludesPrivacy criteriaIncludesProcessingIntegrity criteriaIncludesSecurity focusesOnTrustServiceCriteria reportTypeI reportTypeII usedByManagementAndStakeholders |
| gptkbp:SOC_3 |
focusesOnTrustServiceCriteria
reportTypeII usedForGeneralPublic |
| gptkbp:SOC_for_Cybersecurity |
focusesOnEnterpriseCybersecurityRiskManagement
|
| gptkbp:SOC_for_Supply_Chain |
focusesOnSupplyChainRiskManagement
|
| gptkbp:usedFor |
cloud service providers
service organizations outsourced services |
| gptkbp:bfsParent |
gptkb:SOC_1_compliance
|
| gptkbp:bfsLayer |
6
|