• Service: Advisory, Risk Consulting, IT Related Risk & Compliance
  • Industry: Consumer Markets, Diversified Industrials, Energy & Natural Resources, Retail, Food, Drink & Consumer Goods, Electronics, Software & Services, Healthcare & Life Sciences
  • Type: Event, White paper
  • Date: 5/4/2012

Effectively using SOC1, SOC2, and SOC3 reports for increased assurance over outsourced operations 

This paper provides user organizations (customers) and service providers an overview of SOC2/SOC3 and guidance for the application of SOC2/SOC3 reporting. In addition, it provides a contrast between the scopes of SOC2/SOC3 and SOC1 reports.

Organizations are increasingly outsourcing systems, business processes, and data processing to service providers in an effort to focus on core competencies, reduce costs, and more quickly deploy new application functionality. As a result, organizations are updating their processes for monitoring their outsourced vendor relationships and managing the risks associated with outsourcing.