service organization controls
GPTKB entity
Statements (34)
Predicate | Object |
---|---|
gptkbp:instanceOf |
audit standard
|
gptkbp:abbreviation |
SOC
|
gptkbp:developedBy |
gptkb:American_Institute_of_Certified_Public_Accountants
|
gptkbp:focusesOn |
gptkb:security
privacy availability confidentiality internal controls processing integrity |
https://www.w3.org/2000/01/rdf-schema#label |
service organization controls
|
gptkbp:includes |
gptkb:SOC_1
gptkb:SOC_2 gptkb:SOC_3 |
gptkbp:purpose |
assess controls at service organizations
|
gptkbp:relatedTo |
gptkb:SSAE_18
ISAE 3402 |
gptkbp:reportsTo |
Type I
Type 1 Type 2 Type II |
gptkbp:SOC_1 |
focuses on financial reporting controls
used by user auditors and user entities |
gptkbp:SOC_2 |
focuses on trust service criteria
used by management, regulators, and others includes security, availability, processing integrity, confidentiality, privacy |
gptkbp:SOC_3 |
focuses on trust service criteria for general use
intended for public distribution |
gptkbp:usedBy |
auditors
service organizations user entities |
gptkbp:usedFor |
third-party risk management
|
gptkbp:bfsParent |
gptkb:Statement_on_Auditing_Standards_No._70
gptkb:Statement_on_Standards_for_Attestation_Engagements_(SSAE)_18 |
gptkbp:bfsLayer |
7
|