White Paper on "AT 101 SOC 2 and 5 Important Points" Issued by NDB Accountants

Share Article

"AT 101 SOC 2" is a phrase commonly heard in today's world of regulatory compliance, and it has gained considerable following due to the formation of the AICPA Service Organization Control (SOC) reporting framework. Specifically, the actual SOC framework allows for three reporting options, SOC 1, SOC 2 and SOC 3. And while SOC 1 SSAE 16 reporting is well-known, little has been said of AT 101 SOC 2, thus there's much to learn about regarding this SOC reporting option. As such, take note of the following 5 important points on AT 101 SOC 2 - brought to you by NDB Accountants & Consultants - a nationally recognized PCAOB CPA firm specializing in SOC 1, 2, and 3 reporting.

News Image
SOC 2 is finally becoming a viable reporting option, so take note of the following important points.

"AT 101 SOC 2" is a phrase commonly heard in today's world of regulatory compliance, and it has gained considerable following due to the formation of the AICPA Service Organization Control (SOC) reporting framework. Specifically, the actual SOC framework allows for three reporting options, SOC 1, SOC 2 and SOC 3. And while SOC 1 SSAE 16 reporting is well-known, little has been said of AT 101 SOC 2, thus there's much to learn about regarding this SOC reporting option. As such, take note of the following 5 important points on AT 101 SOC 2 - brought to you by NDB Accountants & Consultants - a nationally recognized PCAOB CPA firm specializing in SOC 1, 2, and 3 reporting.

1. AT 101 is actually the professional standard used for issuing SOC 2 and SOC 3 reports: That's right, and learn more about it from the official SSAE 16 Resource Guide.
2. SOC 2 is part of the AICPA Service Organization Control (SOC) reporting platform: And don't forget, that it also includes SOC 1 and SOC 2 reporting.
3. SSAE 16 is the professional standard used for issuing SOC 1 reports: And SSAE 16 reports can either be Type 1 and/or Type 2.
4. SOC 1 vs. SOC 2: There are important differences (and some similarities) that everyone should be aware of regarding SOC 1 vs. SOC 2.
5. SOC 2 is viable: With all the press surrounding SOC 1 - SOC 2 was not given much acceptance at first glance - but that's changing as more and more service organizations (and auditors) truly see the value of SOC 2 reporting, especially if they provide services relating to technology.

Learn more about AT 101 SOC 2, SSAE 16 and many other important aspects of reporting on controls by visiting the official SSAE 16 Resource Guide, developed by NDB Accountants & Consultants, a nationally recognized PCAOB CPA firm specializing in SOC compliance.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Charles Denyer
Follow us on
Visit website