menu close NewsContact Us
English
EnglishHungarian
search close
Global Site close
  • Americas
  • Asia Pacific
  • Europe
  • Middle East and Africa
ArgentinaArubaBahamasBarbadosBoliviaBrazilCanadaCayman IslandsChileColombiaCosta RicaCuracaoDominican RepublicEcuadorEl SalvadorGuatemalaHondurasMexicoPanamaParaguayPeruPuerto RicoSaint MartinSurinameUnited StatesUruguayVenezuela
AfghanistanAustraliaCambodiaChinaFrench PolynesiaHawaiiHong KongIndiaIndonesiaJapanMacauMalaysiaMaldivesMongoliaMyanmarNepalNew ZealandPakistanPhilippinesSingaporeSouth KoreaSri LankaTaiwanThailandVietnam
AlbaniaAndorraArmeniaAustriaAzerbaijanBelgiumBulgariaCroatiaCyprusCzech RepublicDenmarkEstoniaFinlandFranceGeorgiaGermanyGreeceHungaryIrelandItalyKazakhstanLatviaLiechtensteinLithuaniaLuxembourgMaltaNetherlandsNorwayPolandPortugalRomaniaSerbiaSlovakiaSloveniaSpainSwedenSwitzerlandTajikistanTurkeyUkraineUnited KingdomUzbekistan
AlgeriaAngolaBahrainCameroonCentral African RepublicCôte d’IvoireEgyptGhanaIraqJordanKenyaKuwaitLebanonLiberiaMaliMauritiusMoroccoMozambiqueNigeriaOmanQatarSaudi ArabiaSenegalSeychellesSierra LeoneSouth AfricaTanzaniaTogoTunisiaUgandaUnited Arab EmiratesYemenZambiaZimbabwe
English
EnglishHungarian
Services
close Services
Services
Insights
close Insights
Insights
About Us
close About Us
About Us
Careers
NewsContact Us
search close
SOC 2 Photo

SOC 2® Audit

Organizations often outsource some of their functions to service providers which can perform the functions professionally and cost effectively. Outsourcing arrangements increase the company's revenue and reduce costs. On the other hand, outsourcing also results in new risks arising from the cooperation with the service providers. In order to manage the risks arising from cooperation with service providers, companies need information about the design, operation, and effectiveness of the controls implemented by the service provider.

SOC 2® reports aim at supporting companies by analysing and evaluating the effectiveness of the service provider's controls.

SOC 2® is a voluntary standard for service organizations, developed by the American Institute of CPAs (AICPA), which specifies how service providers should manage customer data. Two types of SOC2® audit were defined: Type 1 and Type 2. We are able to issue both types of reports.

SOC 2® covers the following domains:

  • Security
  • Availability
  • Confidentiality
  • Privacy
  • Processing Integrity

Based on rigorous auditing practices, a SOC 2® Report from Crowe provides assurance that a service provider

  • Type 1, Type 2: Presents its services in accordance with the required description criteria
  • Type 1, Type 2: The controls are designed in such a way that the service commitments and system requirements are achieved based on the applicable trust services criteria, and
  • Type 2: The controls were operated effectively throughout the audit period.

Moreover, we can issue SOC 3® Report also. SOC 3® Report is a short, public version of the SOC 2® Type 2 Report. SOC 3® report is designed for users who need a general overview of the service organization’s controls, but do not require a detailed description of the system and the testing procedures. 

SOC 3® reports can be freely distributed to anyone, unlike SOC 1® and SOC 2® reports, which are restricted to specified parties. SOC 3® reports can help service organizations demonstrate their compliance with various standards and regulations.

 

Contact

Get in touch with our experts
Máté Mate Péter Peter Erdősi Erdosi Webtrust Audit Szolgáltatás Szolgáltatások Services
Máté Péter Erdősi PhD CISA
Director