Assurance and Advisory Services

System and Organization Controls: SOC Suite of Services 

System and Organization Controls (SOC) is a suite of service offerings CPAs may provide in connection with system-level controls of a service organization or entity-level controls of other organizations. Learn more about the SOC suite of services

SOC for Service Organizations
Internal control reports on the services provided by a service organization providing valuable information that users need to assess and address the risks associated with an outsourced service

New: SOC for Cybersecurity
A reporting framework through which organizations can communicate relevant useful information about the effectiveness of their cybersecurity risk management program and CPAs can report on such information to meet the cybersecurity information needs of a broad range of stakeholders

Under Development: SOC for Vendor Supply Chains
An internal controls report on a vendor’s manufacturing processes for customers of manufacturers and distributors to better understand the cybersecurity risk in their supply chains


Under Development White Paper SOC 2® Examination Engagements and Cybersecurity Risk Management Examination Engagements: Understanding the Key Distinctions


 Mappings relevant to the SOC Suite of Services

 Formerly, SOC referred to service organization controls.

© 2017 Association of International Certified Professional Accountants. All rights reserved.