Skip To Main Content
Diagram of icons floating above open laptop computer with one hand resting on keyboard.

System and organization controls (SOC) 1: Reporting on controls at a service organization (Guide)

This guide will help you audit a service organization's controls relevant to user entities' internal control over financial reporting.

Explore the updated SOC 1® Guide, a non-authoritative resource which we have adapted from the AICPA version to meet Canadian standards. It is intended for practitioners who are engaged to report on a service organization's controls relevant to user entities' internal control over financial reporting.

Key topics:

  • non-authoritative guidance on performing and reporting on SOC 1 engagements
  • understanding the difference between type 1 and type 2 SOC 1 report
  • illustrative management statements and management representation letters
  • illustrative service auditor's reports, including reporting in accordance with both Canadian and international, or Canadian and US standards