Like SOC 2, the SOC 3 report has been developed based on
the Auditing Standards Board of the American Institute of
Certified Public Accountants’
Trust Service Criteria (TSC). The SOC 3 is a public report
of internal controls over security, availability, processing
integrity, and confidentiality.
SSAE 18 / ISAE 3402 Type II
The AICPA created the Statement on Standards for
Attestation Engagements No. 18
to keep pace with globally recognized international
SSAE 18 aligns closely with the International Standard on
Assurance Engagements 3402
SSAE 18 and ISAE 3402 are used to generate a report by an
objective third-party attesting to a set of assertions made
by an organization about its controls. The Service
Organization Controls (SOC) framework is the method by which
the control of financial information is measured.
Google Cloud undergoes a regular third-party audit to
certify individual products against this standard. Our SOC 3
reports for Google Cloud Platform and Google Workspace can
be downloaded instantly.
GCP and Google Workspace SOC 3 reports may be requested via
the Compliance Reports Manager.
Potential customers can reach out
to sales for