How secure is your IT security solution vendor?
SafePaaS offers the highest level to safeguard the information transferred and stored in the cloud by providing annual, independent certification of all systems and hosting facilities.
SOC 1 and 2 Compliance and Certification
A SOC 1 (also known as an SSAE 18) examination looks at the internal processes and controls an organisation uses to handle clients’ financial information. Certified public accountants can create a SOC 1 report that presents the information you need in a clear and concise manner.
The goal of a SOC 1 report is to provide an independent third-party opinion of the internal controls that may affect a user entity’s financial reporting. The report is designed to provide comfort to the organisation’s users and the users’ auditors regarding the controls in place at the organisation.
Organisations need a SOC 1 report to ensure that the internal controls over significant business processes prevent risks in their financial statements. SOC 1 reports are required by external auditors to satisfy compliance requirements. The SOC 1 report contains details about tests performed on transactions and accounts applicable to their financial reporting, such as: Payables and receivables; Payroll and benefits; Loan and payment processing
There are two types of SOC 1 reports.
SOC 1 Type 1 asserts:
- the external service provider has accurately described a system
- that the described controls are in place
- that the controls as described should achieve your financial control objectives.
SOC 1 Type 2 goes a step further to verify:
- that the controls did indeed function as described during a specified period
- describes the tests your accountant performed to make that determination
- and the results of those tests.
The SOC 1 (SSAE 18) report, which provides assurance to auditing personnel about the integrity of your system’s controls, replaced the SSAE 16 standard in 2017.