According to the Association of International Certified Professional Accountants (AICPA) the SOC 2 report is based on controls that are relevant to Security, Availability, Processing Integrity, Confidentiality or Privacy.
These reports are intended to meet the needs of a broad range of users that need detailed information and assurance about the controls of a service organization relevant to security, availability, and processing integrity of the systems the service organization uses to process users’ data and the confidentiality and privacy of the information processed by these systems. These reports can play an important role in:
- Oversight of the organization
- Vendor management programs
- Internal corporate governance and risk management processes
- Regulatory oversight
There are two types of reports: Type 2 report is based on management’s description of a service organization’s system and the suitability of the design and operating effectiveness of controls. There is also a Type 1 report on management’s description of a service organization’s system and the suitability of the design of controls.
Assure Professional specializes in providing cybersecurity, assurance, and compliance solutions. With a unique service, they provide due diligence, private equity, accounting services, and compliance connection programs for SOC 1 (formerly SSAE 16) Audits, Soc 2 + HITRUST Audits, SOC SOC Readiness Assessments, SOC for Cybersecurity, SOC for Vendor Supply Chain, ISO 27001 Assessments and HIPAA/HITECH Assessments.
Strike Graph customers earn audited SOC2 security certifications with confidence.
Automated security monitoring for compliance certifications: SOC 2, HIPAA, and ISO 27001
Like the immortal tugboat, we're passionate about guiding you through the rough seas of information security and privacy into the calm waters of proven policies, practices and compliance.