Soc 3 (Service Organization Control 3)

A Service Organization Control 3 (Soc 3) report outlines information related to a service organization’s internal controls for security, availability, processing integrity, confidentiality or privacy. These five areas are the focuses of the AICPA Trust Services Principles and Criteria. 

Download this free guide

Download Now: Cloud Incident Response 101

In this free guide, security experts Dave Shackleford, Rob Shapland and Rich Mogull dive into how cloud computing makes incident response more complex and how to respond to modern threats on the cloud.

Start Download

• Corporate E-mail Address:

  You forgot to provide an Email Address.

  This email address doesn’t appear to be valid.

  This email address is already registered. Please login.

  You have exceeded the maximum character limit.

  Please provide a Corporate E-mail Address.

• • I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.

  Please check the box if you want to proceed.

• • I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.

  Please check the box if you want to proceed.

By submitting my Email address I confirm that I have read and accepted the Terms of Use and Declaration of Consent.

A Soc 3 reports on the same information as a Soc 2 report. The main difference between the two is that a Soc 3 is intended for a general audience. These reports are shorter and do not include the same details as a Soc 2 report, which is distributed to an informed audience of stakeholders. Due to their more general nature, Soc 3 reports can be shared openly and posted on a company’s website with a seal indicating their compliance.