Home
/
Glossary
/
What is SOC?
Back to Glossary
SOC
Merav Vered
3.12.2024

What is SOC?

SOC (Service Organization Control) refers to a suite of reports conducted by independent auditors to evaluate the controls of service organizations related to information security. These reports assure clients and stakeholders about the effectiveness of the control environment in managing data integrity, security, and privacy. The SOC framework includes several types of reports:

  • SOC 1: Focuses on controls relevant to financial reporting.
  • SOC 2: Assesses controls related to security, availability, processing integrity, confidentiality, and privacy.
  • SOC 3: Similar to SOC 2, but designed for a broader audience, it has a general report on controls without detailed descriptions.

SOC reports are essential to complete for businesses that handle or store customer data, providing a standardized method to demonstrate their commitment to data protection and operational integrity.

Share & Subscribe

Ready to Get Your Time Back?

Give us only 20 minutes and we will show you how to get 20 hours back.

Book a Demo

Recommended

GRC
Merav Vered
5.2.2024

What Is NIST 800-30?

NIST 800-30 is a guide from the National Institute of Standards and Technology (NIST) focused on conducting risk assessments

Read More
Security Questionnaires
Merav Vered
5.2.2024

What Is a Due Diligence Questionnaire?

A Due Diligence Questionnaire (DDQ) is a standardized set of questions designed to gather information about a potential business partner or vendor

Read More