How Much Do You Trust Your Cloud Service Provider?

SOC 1 Compliant
SOC 1 Compliant

How secure is your IT security solution vendor?

Today, most major cloud offerings are as reliable as any on-premise solution, thanks in part to easier software access over high speed bandwidth enabled by cloud leaders such as Amazon, Microsoft Azure, Salesforce and Oracle.

However, many organisations have security concerns in shifting their most valuable information to the cloud application where the data is stored on the cloud.  Whether or not you can "trust" the cloud often depends completely on what you are doing and what type of service you are using.

SafePaaS offers the highest level to safeguard the information transferred and stored in the cloud by providing annual, independent certification of all systems and hosting facilities.

SOC 1 and 2 Compliance and Certification

A SOC 1 (also known as an SSAE 18) examination looks at the internal processes and controls an organisation uses to handle clients’ financial information. Certified public accountants can create a SOC 1 report that presents the information you need in a clear and concise manner.

The goal of a SOC 1 report is to provide an independent third-party opinion of the internal controls that may affect a user entity’s financial reporting. The report is designed to provide comfort to the organisation’s users and the users’ auditors regarding the controls in place at the organisation.

Organisations need a SOC 1 report to ensure that the internal controls over significant business processes prevent risks in their financial statements. SOC 1 reports are required by external auditors to satisfy compliance requirements.  The SOC 1 report contains details about tests performed on transactions and accounts applicable to their financial reporting, such as: Payables and receivables; Payroll and benefits; Loan and payment processing

There are two types of SOC 1 reports.

SOC 1 Type 1 asserts:

  • the external service provider has accurately described a system
  • that the described controls are in place
  • that the controls as described should achieve your financial control objectives

SOC 1 Type 2 goes a step further to verify:

  • that the controls did indeed function as described during a specified period
  • describes the tests your accountant performed to make that determination
  • and the results of those tests

The SOC 1 (SSAE 18) report, which provides assurance to auditing personnel about the integrity of your system’s controls, replaced the SSAE 16 standard in 2017.