Skip to content

Glossary definition: SOC 2

SOC 2 Compliance: What You Need to Know

SOC 2 is a set of auditing standards developed by the American Institute of Certified Public Accountants (AICPA) to evaluate and validate the security, availability, processing integrity, confidentiality, and privacy of a service organization’s systems and processes. The SOC 2 audit is designed to provide assurance to customers and other stakeholders that the service organization has met the AICPA’s Trust Services Principles and Criteria. The Trust Services Principles are a set of security, availability, processing integrity, confidentiality, and privacy criteria that organizations must meet in order to demonstrate that they have taken the necessary steps to protect their customers’ data. The SOC 2 audit is conducted by a third-party audit firm and is typically conducted annually. The audit report is then made available to customers, partners, and other stakeholders. The SOC 2 audit is an important tool for organizations to demonstrate their commitment to security and data privacy, as well as to provide assurance to customers and other stakeholders that their data is secure and protected.