Based on COSO's 5 principles, A SOC Report is made.
The 2013 Framework focuses on five integrated components of internal control
Set of standards, processes, and structures that provide the basis for carrying out internal
control across the organization.
Forms the basis for determining how risks will be managed.
Actions that help management mitigate risks.
Information and communication
Used to disseminate important information throughout and outside of the organization.
Periodic or ongoing evaluations to verify that each of the five components of internal
controls are present and functioning.
What is SOC Compliance?
SOC 1 vs SOC 2 vs SOC 3