The phrase "AT 101 SOC 2" is often kicked around in today's world of regulatory compliance. With that said, it's important to gain a strong factual understanding of AT 101 SOC 2, as this will ultimately help service organizations learn more about many of their responsibilities for reporting on controls.
First and foremost the "SOC 2" component of the "AT 101 SOC 2" phrase is associated with the AICPA Service Organization Control (SOC) reporting framework, for which there are three (3) reporting options that are offered: SOC 1, SOC 2, and SOC 3. SOC 1 reports, which are very common and well-known, utilize the SSAE 16 attestation standard, while SOC 2 and SOC 3 reports utilize the AT 101 professional standard. So what exactly is a professional standard, for purposes of SOC 1, SOC 2 and SOC 3 reporting? It's a publication put forth by the AICPA with a series of provisions, statements and explicit guidance on how to perform a particular engagement.
Essential "AT 101 SOC 2" Subject Matter You Need to Know About
• AT 101 is the professional standard used for issuing SOC 2 reports.
• SOC 2 is part of the AICPA Service Organization Control (SOC) reporting framework.
• SOC 2 reports can be that of Type 1 or Type 2.
• SOC 2 reports are generally geared towards many of today's technology driven service organizations, such as Software as a Service (SaaS) entities, data centers, managed service providers, and others.
• SOC 2, though not as well-known as SOC 1, can be a viable reporting option at times.
Important SSAE 16 SOC 1 Information
• SSAE 16 is the professional standard used for issuing SOC 1 reports.
• SOC 1 is also part of the comprehensive AICPA SOC reporting platform.
• SOC 1 reports can be that of Type 1 or Type 2.
• The SSAE 16 is very well-known, due in large part that it replaced the longstanding SAS 70 auditing standard, which was originally put forth in April of 1992.
You can learn more about AT 101 SOC 2 by visiting the official SSAE 16 Resource Guide, a comprehensive website dedicated to the AICPA Service Organization Control (SOC) reporting framework.
Additionally, the following notable topics are worth learning more about also:
NDB – North America’s Leading Provider of SOC 2 Audits & Assessments
We’ve been performing SOC 2 audits for years, offering fixed-fee pricing and high-quality services to businesses from coast to coast. Wherever you are located, NDB has the skills, expertise, and manpower for helping you become SOC 2 compliant. We also offer a wide-range of additional compliance services and solutions, such as SSAE 16 SOC 1 audits, PCI DSS assessments, FISMA compliance, and much more Please contact us today to learn more about NDB, or email Chris Nickell at firstname.lastname@example.org today.