SOC Certification Similar to ISO 27001 Certification?

April 14, 2015 Debbie Zaller

Is there a SOC certification similar to an ISO 27001 Certification?

SOC reporting actually is not considered a certification. As the SOC reports are performed under AICPA attestation standards, they are considered attestation reports. The attestation reports provide an opinion by an independent practitioner/auditor attesting to certain elements about the control environment of a service organization, depending on the SOC report or attestation standard. This is different than an ISO certification that determines an organization’s conformity of their ISMS to the ISO 27001 standard.

About the Author

Debbie Zaller

Debbie Zaller is a Principal at Schellman & Company,LLC. Debbie leads the SOC 2 and SOC 3 service line and is also an AICPA SOC Specialist. Debbie has over 15 years of IT attestation experience and currently spearheads Schellman’s SOC 2 practice, where she is responsible for internal training, methodology creation, and quality reporting. Debbie was a past member of the Florida Institute of Certified Public Accountants’ Board of Governors and served on the Finance and Office Advisory Committee.

More Content by Debbie Zaller
Previous Article
SOC Examination: Is there a SOC certification similar to an ISO 27001 certification?
SOC Examination: Is there a SOC certification similar to an ISO 27001 certification?

Is there a SOC certification similar to an ISO 27001 certification?

Next Article
Complimentary Live Webinar: 2014 Compliance Updates
Complimentary Live Webinar: 2014 Compliance Updates

  via MarketWired Review the updates to SOC, ISO, PCI, and FedRAMP standards August 21, 2014 – (Tampa, FL) ...



Want more information on
ISO 27001?

Check out our complete guide

View ISO Guide