Which SOC Report is right for you?
Wrapping your mind around the importance and many benefits of a SOC Report can be challenging. Understanding which SOC Report is right for your organization can also be confusing. Our hope is that our site makes you understand the different reports a bit better, but when in doubt- our friends at the AICPA can always be depended on to explain things in a clear manner. We encourage you to ask yourself the questions listed below as asked by the AICPA on their website to guide you in the direction towards the type of SOC Report that is right for you. Once you review these questions, reach out to us for assistance with your SOC Report. We perform them across the country and would be happy to work with you.
Key Question: Will the report be used by your customers and their auditors to plan and perform an audit or integrated audit of your customer’s financial statements?
Answer: Yes
SOC Report Type Required: SOC 1® Report
Key Question: Will the report be used by your customers or stakeholders to gain confidence and place trust in a service organization’s systems?
Answer: Yes
SOC Report Type Required: SOC 2® or SOC 3® Report
Key Question: Will the report be used by your customers or stakeholders to gain confidence and place trust in a service organization’s systems?
Answer: Yes
SOC Report Type Required: SOC 2® or SOC 3® Report
Key Question: Do your customers have the need for and ability to understand the details of the processing and controls at a service organization, the tests performed by the service auditor and results of those tests?
Answer: Yes
SOC Report Type Required: SOC 2® Report
Key Question: Do your customers have the need for and ability to understand the details of the processing and controls at a service organization, the tests performed by the service auditor and results of those tests?
Answer: No
SOC Report Type Required: SOC 3® Report