Skip to content

Join the hundreds of companies that trust 6clicks

qld-gov-logo

vic-gov-logo.png

nsw-gov-logo

Accel-IT-logo

TCS-logo-new

Melbourne-Racing-Club-logo

flybuys-logo

BDO-logo-resized-1

Trusted-Impact-Logo-resized

PS-Logo-nobg

ICT Legal - Favicon

riskcom-logo

EY-logo

devicedesk

Fisher-Leadership-logo

insync-logo1

Maddocks

KordaMentha_Logo

Picture1

Cyber security
SOC

What is SOC 2?

Developed by the American Institute of CPAs (AICPA), SOC 2 defines criteria for managing customer data based on five "trust service criteria" — security, availability, processing integrity, confidentiality and privacy.

SOC 2 reports are unique to each organization. In line with specific business practices, each designs its own controls to comply with one or more of the trust principles. These internal reports provide you (along with regulators, business partners, suppliers, etc.) with important information about how your service provider manages data.

There are two types of SOC reports:

  • Type I describes a vendor's systems and whether their design is suitable to meet relevant trust principles as of a specified date
  • Type II details the operational effectiveness of those systems throughout a specified period.

You may want to pursue a SOC 2 report if you handle customer data and/or you work with larger enterprises who will want to ensure that you are a secure vendor.