What are SOC 1 and SOC 2?

SOC 1 and SOC 2 audits provide a way for service organizations to build trust and transparency through external verification of internal controls. Using AICPA established criteria, multidisciplinary teams composed of licensed CPAs and information technology and security specialists perform the audit and provide reports relevant to security, availability, processing integrity, confidentiality, and privacy.
At a high level, the difference between SOC 1 and SOC 2 is this: SOC 1 audits evaluate internal control over financial reporting. SOC 1 audits are typically conducted on financial services providers—accounting firms, banks, credit unions, financial management and advisory services. SOC 2 audits evaluate internal control over other types of data—data that does not influence financial reporting. SOC 2 audits are typically conducted on providers of other types of services—support services to health care, legal, finance, defense industries, as well as vendors to large tech corporations like Microsoft and Amazon.
Additionally, a SOC 3 general use report covers the same topics reported on in the SOC 2 report but at a less detailed and specific level, intended for a general audience.

ISOutsource is a SOC 2 Accredited IT Support Provider

Other managed services providers offer marketing claims about their commitment to security, system integrity, and operational efficiency, ISOutsource delivers proof.
Our SOC 3 report is available for download by requesting it below. Our SOC 2 report is available (subject to an NDA) to clients and prospective clients. It provides an attestation that our systems are robust and secure and that our policies and procedures are mature and efficient.
Assistance in determining which report is appropriate—SOC 1 vs SOC
SOC 1 and SOC 2 Compliance Checklist
Pre-Audit Evaluation, Planning, Remediation, and Documentation
SOC 1 and SOC 2 Audit Checklist
Liaison Between Your Executives and External IT Auditors
Remediation of Gaps Discovered in the Audit Process
Is your organization considering an AICPA SOC 1 or SOC 2 audit? Contact ISOutsource today to learn more about how we will help you prepare for and comply with the SOC 1 or SOC 2 requirements.


Need to request a copy of our SOC report? Complete the below form and we will be in touch with you to complete your request.

Let’s Connect

No matter the size of the project or frequency of support needs, we can tailor a plan for you - no strings attached. Let us show you how we keep our clients happy, productive, and supported.