Addresses internal controls that are relevant to a company’s control environment over financial reporting. By definition, a SOC 1 is designed to review a vendor’s financial and accounting controls and the systems that support them.