Announcements
Cloud
Security
February 23, 2021 By Shaun Taraporewalla 2 min read

IBM Cloud continues to expand its compliance posture for Platform as a Service (PaaS) offerings with the System and Organization Controls (SOC) framework.

The System and Organization Controls (SOC) framework, developed by the American Institute of Certified Public Accountants (AICPA), is a standard for controls that protect information stored in the cloud. Certified Public Accountants (CPAs) audit cloud service providers (CSPs), resulting in internal control reports on the services provided by a service organization. SOC reports can help users assess and address the risks associated with an outsourced service.

  • SOC 1 is an audit of the internal controls at a service organization that were implemented to protect client-owned data involved in client financial reporting. SOC 1 audits and reports are based on the Statement on Standards for Attestation Engagements (SSAE 18) and the International Standards for Assurance Engagements No. 3402 (ISAE 3402).
  • SOC 2 audits, based on the AICPA Trust Service Principles and Criteria, gauge the internal controls at a service organization that were implemented to protect customer-owned data. SOC 2 reports provide details about the nature of those internal controls.
  • SOC 3 reports are condensed, publicly available versions of the SOC 2 Type 2 audit report of controls put in place by service organizations. SOC 3 reports are intended for users that don’t need the full details of a SOC 2 report.

A full list of IBM Cloud services with SOC reports available (published SOC 3 reports and options to request SOC 1 and SOC 2 reports) can be found here.

IBM Cloud Services newly audited for SOC

For SOC 1 Type 2:

For SOC 2 Type 1:

For SOC 2 Type 2:

For SOC 3 (reports published here):

Learn more

Get more information on all IBM Cloud compliance programs.

Shaun Taraporewalla
Product Manager, IBM Public Cloud Compliance

More from Announcements
July 2, 2024

Success and recognition of IBM offerings in G2 Summer Reports  

2 min read - IBM offerings were featured in over 1,365 unique G2 reports, earning over 230 Leader badges across various categories.   This recognition is important to showcase our leading products and also to provide the unbiased validation our buyers seek. According to the 2024 G2 Software Buyer Behavior Report, “When researching software, buyers are most likely to trust information from people with similar roles and challenges, and they value transparency above other factors.”  With over 90 million visitors each year and hosting more than 2.6…

June 24, 2024

Manage the routing of your observability log and event data 

4 min read - Comprehensive environments include many sources of observable data to be aggregated and then analyzed for infrastructure and app performance management. Connecting and aggregating the data sources to observability tools need to be flexible. Some use cases might require all data to be aggregated into one common location while others have narrowed scope. Optimizing where observability data is processed enables businesses to maximize insights while managing to cost, compliance and data residency objectives.  As announced on 29 March 2024, IBM Cloud® released its next-gen observability…

June 21, 2024

Unify and share data across Netezza and watsonx.data for new generative AI applications

3 min read - In today's data and AI-driven world, organizations are generating vast amounts of data from various sources. The ability to extract value from AI initiatives relies heavily on the availability and quality of an enterprise's underlying data. In order to unlock the full potential of data for AI, organizations must be able to effectively navigate their complex IT landscapes across the hybrid cloud.   At this year’s IBM Think conference in Boston, we announced the new capabilities of IBM watsonx.data, an open…

IBM Newsletters

 Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters