In a Type 1 SOC report, what is stated regarding operating effectiveness?

In a Type 1 SOC report, the focus is on providing an assessment of the design of internal controls at a specific point in time, rather than evaluating their operating effectiveness over a period. This means that while the control design may be deemed appropriate and in place, the report does not offer an opinion on how effectively those controls operate. The distinction is crucial because a Type 1 report is essentially a snapshot that does not include evidence or evaluations of the controls functioning as intended throughout a reporting period. This lack of opinion on operating effectiveness differentiates Type 1 reports from Type 2 SOC reports, which do assess and provide assurance on the operating effectiveness of controls over time.