Skip to main content
All CollectionsFrameworksSOC 2 2017
What to look for when reviewing your draft SOC 2 report
What to look for when reviewing your draft SOC 2 report
Updated over 3 years ago

When reviewing your draft SOC 2 report, you should focus on the following:


-Section 1 is the auditor's report. You will want to read this and make sure you agree with the language as this is the high level results of the audit.


-Section 2 is the assertion letter you will be signing. This is standard language that can't be changed, but good to review in case you have questions.


-Section 3 is the system description you wrote. You can skim this section and make sure no significant changes were made to the copy you provided.


-Section 4 is the control testing and results. You will want to review the control column and test results column to make sure the auditor documented the controls and test results accurately. The auditor should have told you if any exceptions were identified, so if you haven't been told about exceptions, you probably received a clean report without exceptions.

Did this answer your question?