A SOC 3 report is a general use report of the SOC 2 reports which covers how a company safeguards customer data and how well those controls are operating. These reports are issued by independent third party auditors covering the principles of Security, Availability, Confidentiality, and Privacy.
What’s the primary purpose of this initiative?
Provides an independent assessment of One Identity’s security and privacy control environment. The assessment is designed to meet the needs of users who require assurance about the controls at a service organization.
What’s the scope?
The One Identity’s SOC 3 scope is the same as our SOC 2 Type which covers the AICPA’s Trust Services Principles and Criteria for Security, Availability, Confidentiality, and Privacy.
How often are you evaluated/audited?
Audits are performed annually.
Who is the primary audience?
Customers and relevant third parties with a business need.