SOC 1 and SOC 2 are both types of Service Organization Control (SOC) reports. SOC 1 report focuses on the controls at a service organization that are relevant to the user entities’ internal control over financial reporting. SOC 1 report are of two types: SOC 1 Type 1 and SOC 1 Type 2. SOC 1 Type 1 report focuses on the service organization’s description of its system and the suitability of the design of controls. SOC 1 Type 2 report focuses on the operating effectiveness of the controls for a period of time.

SOC 2 report focuses on controls related to security, availability, processing integrity, confidentiality, and privacy of a service organization’s system. It is intended to help service organizations that provide services to other organizations to meet the trust service principles and the relevant criteria of the AICPA and CICA.

Compliance services can help organizations implement and maintain compliance with these standards by providing guidance and support throughout the process, including conducting audits and providing training.