Unlike SOC Type 1 reports, which are based on a specific point in time, SOC Type 2 reports are done over a period of time. What is the minimum span of time for a SOC Type 2 report?
Although the AICPA does not mandate a strict minimum for the coverage period of a SOC 2 Type 2 report, the generally accepted industry practice (and what most clients and auditors expect) is a six-month coverage period at a minimum. This is because a Type 2 report is meant to verify the effectiveness of controls over time, rather than just at a single point.
This section is not available anymore. Please use the main Exam Page.CCSP Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
EdwardLeeBurtle
Highly Voted 2 years, 3 months agoMaciekMT
Most Recent 2 months agora1paul
2 months, 2 weeks agoqpodian
6 months, 1 week agoDA95
1 year, 4 months agokepalon
2 years ago