Definition

Soc 3 (Service Organization Control 3)

Contributor(s): Alex DelVecchio

A Service Organization Control 3 (Soc 3) report outlines information related to a service organization’s internal controls for security, availability, processing integrity, confidentiality or privacy. These five areas are the focuses of the AICPA Trust Services Principles and Criteria

A Soc 3 reports on the same information as a Soc 2 report. The main difference between the two is that a Soc 3 is intended for a general audience. These reports are shorter and do not include the same details as a Soc 2 report, which is distributed to an informed audience of stakeholders. Due to their more general nature, Soc 3 reports can be shared openly and posted on a company’s website with a seal indicating their compliance.

This was last updated in April 2012

Dig Deeper on Cloud Computing SLAs and Legal Issues

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchSecurity

SearchCloudComputing

SearchAWS

SearchCloudApplications

SearchServerVirtualization

SearchVMware

ComputerWeekly.com

Close