service organization controls
GPTKB entity
Statements (34)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
audit standard
|
| gptkbp:abbreviation |
SOC
|
| gptkbp:developedBy |
gptkb:American_Institute_of_Certified_Public_Accountants
|
| gptkbp:focusesOn |
gptkb:security
privacy availability confidentiality internal controls processing integrity |
| https://www.w3.org/2000/01/rdf-schema#label |
service organization controls
|
| gptkbp:includes |
gptkb:SOC_1
gptkb:SOC_2 gptkb:SOC_3 |
| gptkbp:purpose |
assess controls at service organizations
|
| gptkbp:relatedTo |
gptkb:SSAE_18
ISAE 3402 |
| gptkbp:reportsTo |
Type I
Type 1 Type 2 Type II |
| gptkbp:SOC_1 |
focuses on financial reporting controls
used by user auditors and user entities |
| gptkbp:SOC_2 |
focuses on trust service criteria
used by management, regulators, and others includes security, availability, processing integrity, confidentiality, privacy |
| gptkbp:SOC_3 |
focuses on trust service criteria for general use
intended for public distribution |
| gptkbp:usedBy |
auditors
service organizations user entities |
| gptkbp:usedFor |
third-party risk management
|
| gptkbp:bfsParent |
gptkb:Statement_on_Auditing_Standards_No._70
gptkb:Statement_on_Standards_for_Attestation_Engagements_(SSAE)_18 |
| gptkbp:bfsLayer |
7
|