Getting the right fit on service organization/provider controls reporting

Getting the right fit on service organization/provider controls reporting highlights the opportunity that organizations have to reconsider the controls related reporting that they issue (or receive) and whether it fully meets their emerging business, operations, technology, and regulatory responsibilities.  The paper demystifies the SOC 1, 2, and 3 designations, and focuses on the fact that the SAS 70 / SSAE 16 report is not a "one-size-fits all" controls report, and that other options might prove to be a better fit.