Reports on Controls at a Service Organization Relevant to User Entities’ Internal Control Over Financial Reporting:
- SOC 1® reports are examination engagements performed by a service auditor (CPA) in accordance with Statement on Standards for Attestation Engagements (SSAE) , Reporting on Controls at a Service Organization, to report on controls at a service organization that are likely to be relevant to an audit of a user entity’s financial statements.
- Use of a SOC 1® report is restricted to existing user entities (not potential customers) and their auditors.