Broadcom SOC (SOC1, SOC2 etc.) reports for Clarity PPM
Article ID: 375357
Updated On:
Products
Clarity PPM SaaS
Clarity PPM On Premise
Issue/Introduction
You are looking for SOC1 / SOC2 reports from Broadcom directly for Clarity PPM application.
Resolution
- Create a case with Broadcom Support to request SOC1, SOC2 reports and provide an email where the reports will be sent to you
- The SOC reports are only applicable to customers who are hosted by Broadcom on Broadcom SAAS GCP
- For customers, hosted by partners or On Premise, the reports are not of use
- The reports are only generated once per year, for the entire completed fiscal year
- They are issued end of January each year, and are not updated in the interim
Additional Information
Broadcom provides SOC 1 Type II reports exclusively for the Broadcom Clarity SaaS environment. These reports are not applicable to On-Premise or Partner-hosted deployments for the following reasons:
- Operational Scope: SOC 1 Type II audits the operational controls (infrastructure management, physical security, and hosting) of a specific service provider. Since Broadcom does not manage the servers or data for non Broadcom hosted instances, our report does not cover your environment.
- Audit Validity: Per SSAE 18 standards, a SOC 1 report is used to evaluate Internal Controls over Financial Reporting (ICFR). Because your data does not reside on Broadcom’s SaaS infrastructure, a financial auditor cannot rely on Broadcom’s report to validate the integrity of your specific instance.
- Provider Responsibility: In this deployment model, the entity managing the hosting and administration is the "Service Organization."
Feedback
Yes
No
Powered by
