SOC 2 – Type 2
Securing your data.
Audit and validate relevant business and operational controls.
Service Organization Control (SOC) reports are used by service providers to audit and validate relevant business and operational controls that support the services subscribed to by their customers. At Long View, this report identifies and validates a wide array of controls - everything from the Managed IT Services and OnDemand Cloud infrastructure/service models to corporate governance and HR controls.
SOC reports will often audit these controls over a defined period. At Long View, we pursue a full year audit -- the maximum possible.
At a Glance:
- We help businesses understand the operational model of the service provider.
- We ensure it aligns to their unique needs/requirements.
- We provide insight into the provider’s level of capability and maturity.
SOC reports come in three variations. SSAE18/SOC2 serves a unique purpose in supporting the needs of a provider’s customers from a data security standpoint.
- SSAE18/SOC2 – The SOC2 report intends to describe, assess and validate controls that affect the security, availability, processing integrity, confidentiality and privacy of customers subscribed to the services of an external provider. A typical example is a co-location facility providing security controls for hosting services. Long View currently maintains an SSAE18/SOC2 Type II report.
SOC reports have two document categories; Type I or Type II.
- Type I reports describe the providers operating controls and the suitability of their design.
- Type II reports, the most common type of SOC report, contain all of the information included in a Type I but also audit the effectiveness of the controls over a defined period (typically three months to a year). Our report reflects a 1-year operating period; the maximum allowed.
We have specifically scoped our SSAE18 / SOC2 reports to include all the relevant controls that support our OnDemand Cloud and Managed IT Service offerings. An authorized third-party auditor organization conducts the audit for the Long View SOC2 Type II report, adhering to the American Institute of Certified Public Accountants (AICPA), AT801 and the International Standards for Assurance Engagements No. 3402 (ISAE 3402) guidelines. This report replaces the previous Statement of Auditing Standards No. 70 (SAS 70) report.