System and Organization Control Reporting (SOC)
As the demand for your company’s services increase, so do the requests from your customers for assurance. Assurance, that you’ve taken the steps necessary to protect the privacy and confidentiality of their data as well as the security, availability and processing integrity of your systems. You are not alone. Looking to reduce infrastructure costs, many organizations are utilizing outsourcing and cloud computing solutions. Similarly, the demand for assurance of the integrity of these outsourced applications and functions has expanded as well.
As a service organization providing outsourced or cloud computing, you are an extension of your customers’ system of internal control and your customers rely upon you to protect them from the risk of fraud, unauthorized use of data, loss of data and violation of privacy.
The American Institute of Certified Public Accountants (AICPA) has provided the solution to demonstrate the reliability of your system of controls and to provide assurance to your customers by providing three System and Organization Control (SOC) reporting options, SOC 1, SOC 2 and SOC 3.