This SOC 2 video explains the purpose and structure of a SOC 2 report, which evaluates a service organisation’s controls in five areas: Security, Availability, Processing Integrity, Confidentiality, and Privacy. The report, prepared by security experts and CPAs, includes key sections:
1- Independent Service Auditor's Report: An external auditor’s assessment of whether the organisation’s controls meet the Trust Service Criteria.
2- Management's Assertion: The organisation’s confirmation that their controls are properly designed and implemented.
3- System Description: A detailed overview of the organisation’s systems and controls.
4- Auditor's Testing of Controls (Type 2 only): Results of control testing over time.
The video highlights the roles of both auditors and management in creating the report and mentions that GCC provides resources to help organisations prepare their documentation.
Build your robust, safe and sustainable business with Global Compliance Certifications. Call 800 444 800 today or visit www.GCCertification.com