SOC 2 Type I is an audit report issued under the AICPA's Trust Services Criteria that evaluates the design and implementation of an organisation's controls at a specific point in time. It assesses whether the controls are suitably designed to meet the relevant Trust Services Categories—security, availability, processing integrity, confidentiality and privacy—but does not test their operational effectiveness over a period.
A SOC 2 Type I report is often used as a stepping stone towards a Type II report, demonstrating to customers and partners that appropriate controls have been established. It is particularly useful for organisations that have recently implemented their control environment and want to provide assurance before a full period of operational testing has elapsed.