SOC 2® reports provide detailed information and assurance about the controls at a service organization relevant to security, availability, and integrity of the systems used to process data, as well as the confidentiality and privacy of the information processed. These are called the SOC 2® Trust Services Criteria.
It’s important to understand the SOC 2® Trust Services Criteria so you can choose the most applicable criteria for your organization. Your assessor can work with you to help ensure that your report best supports your organization and compliance goals.
SOC 2®* Trust Services Criteria
- Security: Information and systems are protected against unauthorized access, unauthorized disclosure of information, and damage to systems.
- Availability: Information and systems are available for operation and use to meet the entity’s objectives.
- Confidentiality: Information designated as confidential is protected to meet the entity’s objectives.
- Processing Integrity: System processing is complete, valid, accurate, timely, and authorized to meet the entity’s objectives.
- Privacy: Personal information is collected, used, retained, disclosed, and disposed to meet the entity’s objectives.
Turn to Auditwerx for SOC 2®* Compliance
Our simple SOC 2® process makes it easy for any size organization to receive the accreditation they need to build trust with their clients. Our experienced team will help you align your compliance efforts across frameworks, working around your business needs for an easy and efficient assessment experience. If you’re ready to get started, contact us today.