How to Analyze a Vendor's SOC Audit Report
Download this guide now

• Why do you need your vendor's SOC audit report? 
• Do you need their SOC 1, SOC 2 or both?
• Scope: Is your product/service covered in this report?
• What you need to know when reviewing the narrative and the controls sections
• What are the complementary user entity controls and the associated risk?

As part of your vendor management program, you should be asking many of your vendors for a copy of their SOC audit report, especially your critical or high risk vendors.

To help guide you and your team in reading and understanding these complex reports, we've put together a step by step guide that breaks down the SOC report into easy to comprehend elements.