What is SOC 2?

Service Organization Control 2 (SOC 2) is an audit requirement of the American Institute of CPAs (AICPA) relating to data security, availability, and privacy. The purpose of SOC 2 is to ensure that best practices and security policies are being followed to protect consumers' personal information and privacy.

SOC 2 helps build trust between service providers (like cloud storage companies) and their customers (businesses that use those services).

SOC 2 focuses on five key trust service principles:

  • Security: Safeguarding customer data from unauthorized access, breaches, and other threats.
  • Availability: Ensuring customer data and systems are accessible when needed.
  • Processing Integrity: Guaranteeing the accuracy and completeness of data during processing.
  • Confidentiality: Keeping customer data confidential and only accessible to authorized individuals.
  • Privacy: Respecting customer privacy by following data protection regulations.
