Which SOC Report is Right for You?
Resource & Insights
June 18, 2017
Statement of Standards for Attestation Engagements (SSAE) No. 18 – Attestation Standards: Clarification and Recodification, went into effect on May 1, 2017. This post is the third in a four-part series on the changes that will come along with this new standard, and what practitioners and service organizations need to know to ensure continued compliance.
A System and Organization Controls (SOC) examination is an examination performed by an independent public accounting firm and is essential in providing transparency and security to your customers. There are three types of SOC audits, each issued under the new SSAE standard, No. 18, as of May 1, 2017 – SOC 1, SOC 2 and SOC 3.
A SOC audit is not a certification. There is no pass/fail rating that comes with an SOC audit; rather the output is a published audit report that includes any control exceptions or failures.
With SSAE 18 reporting effective as of May 1, 2017, is your organization prepared for the new requirements? Take Weaver’s short SOC Quiz to determine which type of SOC report is best suited for your organization.