SOC (System and Organization Controls) reports are designed to assess and provide assurance about a service organization's internal controls. They are commonly used in IT security, cloud computing, and financial auditing. In this session, we describe the three different types of SOC reports and how to approach them in an audit.

This course is a part of IT Audit Bytes series. The other Segments of this series are:

1. IT Audit Bytes - Access Control
2. IT Audit Bytes - Backup and Recovery
3. IT Audit Bytes - Change Management
4. IT Audit Bytes - Cybersecurity
5. IT Audit Bytes - Data Loss Prevention
6. IT Audit Bytes - Disaster Recovery and BCP
7. IT Audit Bytes - IT Control Frameworks
8. IT Audit Bytes - Job Monitoring
9. IT Audit Bytes - Logging and SEIM
10. IT Audit Bytes - Network Security and Detection
11. IT Audit Bytes - Password Management
12. IT Audit Bytes - Physical Security
13. IT Audit Bytes - Provisioning and Deprovisioning
14. IT Audit Bytes - SDLC Controls
15. IT Audit Bytes - Security Awareness Training
16. IT Audit Bytes - Separation of Duties Controls
17. IT Audit Bytes - SOC Reports
18. IT Audit Bytes - Strategy and Governance
19. IT Audit Bytes - Third-Party IT Risk Management (TPRM)