Soc 3 (Service Organization Control 3)

A Service Organization Control 3 (Soc 3) report outlines information related to a service organization’s internal controls for security, availability, processing integrity, confidentiality or privacy. These five areas are the focuses of the AICPA Trust Services Principles and Criteria. 

Download this free guide

Download Now: Cloud Incident Response 101

In this free guide, security experts Dave Shackleford, Rob Shapland and Rich Mogull dive into how cloud computing makes incident response more complex and how to respond to modern threats on the cloud.

Start Download

• Corporate E-mail Address:

  You forgot to provide an Email Address.

  This email address doesn’t appear to be valid.

  This email address is already registered. Please login.

  You have exceeded the maximum character limit.

  Please provide a Corporate E-mail Address.

By submitting my Email address I confirm that I have read and accepted the Terms of Use and Declaration of Consent.

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

A Soc 3 reports on the same information as a Soc 2 report. The main difference between the two is that a Soc 3 is intended for a general audience. These reports are shorter and do not include the same details as a Soc 2 report, which is distributed to an informed audience of stakeholders. Due to their more general nature, Soc 3 reports can be shared openly and posted on a company’s website with a seal indicating their compliance.