SOC 1
Alibaba Cloud System and Organization’s Controls (SOC) Reports are independent third-party audit reports concerning the internal controls over the services offered by Alibaba Cloud as a service organization. The SOC Reports are valuable resources for Alibaba Cloud’s customers and their auditors to understand the organization controls and assess the risks associated with their outsourced services. Alibaba Cloud’s customers can review our system and organization controls by accessing the following SOC Report:
SOC 1 Type 2 Report: This is an independent audit report performed according to the SSAE No. 18 Attestation Standards AT-C section in 320 entitled,Reporting on an Examination of Controls at a Service Organization Relevant to User Entities’ Internal Control Over Financial Reporting about the internal controls to achieve the control objectives defined by Alibaba Cloud.
Alibaba Cloud issues SOC reports twice a year with a reporting period of 12 months on a continuous rolling basis (1 April to 31 March and 1 October to 30 September). The latest SOC reports are available in May and November each year.
Alibaba Cloud SOC Reports are available to Alibaba Cloud customers in Alibaba Cloud Compliance Repository.