SOC 1 Type II

June 15, 2022

The SOC (System and Organization Controls) 1 Type II audit covers all the same information as the Type I audit, but it adds in a different element. The Type II audit addresses the design and testing of the controls over a period of time, which is most often six months, as opposed to the specific date used in a Type I audit. It also describes the testing performed and the results. This type of report is far more rigorous and intensive than Type I, as it covers a greater span of time and requires that your auditors perform a more thorough investigation of your system’s design and processes.

Join 300+ companies using Trustpage to communicate security.