Can a SOC 1 be leveraged for a SOC 2?

March 9, 2015

Technology based service organizations have seen the SOC 2 report gain immense traction over the past couple years.

As a result, service organizations that have successfully completed SOC 1 examinations are now being asked [by their clients] to undergo a SOC 2 examination as well. Performing an additional examination can seem daunting, yet essential to maintain and potentially win new customers.

Fortunately many of the controls between the SOC 1 and SOC 2 may overlap. In these instances, the service auditor should be able to leverage the documents for certain controls/criteria used to complete the SOC 1 for use in the SOC 2. The necessary work required to complete the additional report will be incremental (assuming the time periods overlap).


Previous Article
SOC 2 Type 1 and Type 2: A Quick Overview
SOC 2 Type 1 and Type 2: A Quick Overview

Can you provide a quick overview on what a SOC 2 examination snd the difference between a Type 1 and Type 2...

Next Article
SOC 2: Overview
SOC 2: Overview

What is a SOC 2 examination? How is it different than a SOC 1 examination?