A perspective on service organisation controls reporting options
Over the past several years, companies have been more aware of the importance of internal controls over third-party hosted systems, services and data.
The increasingly sophisticated cloud computing environment has introduced new risks and challenges for organisations. Any effective system of internal control must adapt to new challenges and changes. Today's business environment strains controls that were once sufficient.
This paper introduces a new breed of controls reporting options that provided customers with board coverage over their internal controls. It provides outsourced service providers and their customers with an understanding of the new Service Organisation Controls (SOC) reports 1, 2 and 3 options, the ability to compare and contrast the options to assist with determining the best fit and suggested steps in scoping and delivering a SOC report.