
Glossary definition: SOC 2 Standards

SOC 2: Security & Privacy Compliance Standards

The SOC 2 Standards are a set of trust principles developed by the American Institute of Certified Public Accountants (AICPA) to give organizations a rigorous framework for evaluating the security, availability, processing integrity, confidentiality, and privacy of their systems and services. They provide guidance on how to design, implement, and maintain an effective system of internal controls and processes to protect the organization’s data and assets. The standards are designed to ensure that organizations meet the requirements of the AICPA Trust Services Principles and Criteria, which are based on the same five categories. The SOC 2 Standards are applicable to organizations of all sizes and are used to assess the effectiveness of a company’s internal controls. They are also used to evaluate the security and privacy practices of cloud service providers and other third-party vendors.