A SSAE 18 / SOC 1 Type I Report shows Company's that your Organization has appropriate controls designed and in place as of the date the report is issued. It does not provide assurance that controls are executed consistently, which, is the purpose of the Type 2 report and what most Company's are hoping to| SOC Reporting Guide - SOC 1 | SOC 2 » The Original SOC Report Resource Cente...
This tip is focused on designing controls that reflect the process being testing, if they don't, a headache of massive proportions will be created once testing begins. What do you do to make sure you don't screw this up? Have as many meetings as it takes to get it right. What you need to do| SOC Reporting Guide - SOC 1 | SOC 2 » The Original SOC Report Resource Cente...
The System and Organization Controls (SOC) 2 Report will be performed in accordance with AT-C 205 (formerly under AT-101) and based upon the Trust Services Principles, with the ability to test and report on the design (Type I) and operating (Type II) effectiveness of a service organization's controls (just like SOC 1 / SSAE 18).| SOC Reporting Guide - SOC 1 | SOC 2 » The Original SOC Report Resource Cente...