Several of our clients, current as well as prospective have posed a question to us about the applicability of a SOC 3 report and its benefits. I thought some additional information drawing clarity to the question will be beneficial to others who read this Blog especially for those that have the same question.
So what is a SOC 3 report? A SOC 3 Report is a report on controls at a service organization addressing matters other than financial reporting. A SOC 3 report is prepared using the AICPA/Canadian Institute of Chartered Accountants (CICA) Trust Services Principles, Criteria, and Illustrations for Security, Availability, Processing Integrity, Confidentiality, and Privacy.