How a SOC 2® report can benefit organizations currently receiving a SOC 1 report
In 2011, the American Institute of Certified Public Accountants (AICPA) retired the SAS70 standard and replaced it with the SOC 1 and SOC 2® reporting vehicles. Service organizations have been providing their customers, clients and key stakeholders with controls assurance via one of these reports. Typically, a company would receive either a SOC 1 OR a SOC 2® report. However, many organizations receiving SOC 1 are also seeking a SOC 2® examination in response to their customers’ demand.
In this webinar, Baker Tilly discusses the key differences between the SOC 1 and SOC 2® report, and why a company receiving a SOC 1 report would need or benefit from a SOC 2® report.
Key learning objectives
After attending this webinar, participants will be able to:
- Identify the differences between the SOC 1 and SOC 2® report.
- Describe the applicability of the SOC 1 and SOC 2® report and the circumstances when the use of each report is appropriate.
- Determine if their organization should receive a SOC 2® report, or if a reports should be requested from key vendors.
- Recognize the additional effort needed to perform a SOC 2® examination if a SOC 1 is already being performed.
- Discuss the SOC 2® processing integrity criteria requirements and how they may or may not overlap with SOC 1 controls.
Who should attend?
This webinar is intended for service organizations that have SOC 1 examinations performed over their operations and are considering having a SOC 2® examination performed. Companies who receive SOC 1 reports from their key vendors may also find the webinar helpful to understand the benefits of receiving a SOC 2® report in addition to the SOC 1 report.