Trust Services Report for Service Organizations
SOC 3sm reports are designed to meet the needs of uses who want assurance on the controls at a service organization related to security, availability, processing integrity, confidentiality, or privacy but do not have the need for or the knowledge necessary to make effective use of a SOC 2sm report. These reports are prepared using the AICPA/ CPA Canada (formerly Canadian Institute of Chartered Accountants) Trust Services Principles and Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy. Because SOC 3sm reports are general use reports, they can be freely distributed or posted on a website as a seal. For more information about the SysTrust for Service Organization seal program go to www.webtrust.org.