Introduction to System and Organization Controls Examination
What is an SOC examination?

A System and Organization Controls (SOC) examination is an independent third-party review used to verify how an organization secures and manages their systems and facilities, internal and external networks, and client data. The examination focuses on reviewing the controls in place to achieve stated organizational objectives, discussions between examiners and subject matter experts to gain an understanding of processes and procedures in place, and testing controls to ensure operating effectiveness. This process is a collaborative effort between the independent auditor and the service organization and often leads to the improvement of processes for the service organization.