ExamTopics Logo
Mail Us[email protected]
Menu
Isc Discussions
exam questions

Exam CCSP All Questions

View all questions & answers for the CCSP exam
Go to Exam

Exam CCSP topic 1 question 403 discussion

Actual exam question from ISC's CCSP
Question #: 403
Topic #: 1
[All CCSP Questions]

What are SOC 1/SOC 2/SOC 3?

  • A. Audit reports
  • B. Risk management frameworks
  • C. Access controls
  • D. Software developments
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
An SOC 1 is a report on controls at a service organization that may be relevant to a user entity's internal control over financial reporting. An SOC 2 report is based on the existing SysTrust and WebTrust principles. The purpose of an SOC 2 report is to evaluate an organization's information systems relevant to security, availability, processing integrity, confidentiality, or privacy. An SOC 3 report is also based on the existing SysTrust and WebTrust principles, like a SOC 2 report.
The difference is that the SOC 3 report does not detail the testing performed.
by akg001 at May 22, 2022, 2:16 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
akg001
5 months ago
Selected Answer: A
A. Audit reports
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago