SOC 1 examines inside controls over monetary reporting, whereas SOC 2 seems to be at controls primarily based on AICPA’s belief ideas, which embrace safety, availability, processing integrity, confidentiality, and privateness. Type 2 experiences consider operational efficacy.