SOC 2 Compliance

SOC 2 Compliance

What is it?

A Service Organization Control 2 (SOC 2) engagement is an audit of a service provider that is relevant to compliance or operations. SOC 2 Reports specifically address one or more of the following five key system principles: security, availability, processing integrity, confidentiality, or privacy.

Entities who outsource functions pertaining to operating, collecting, processing, transmitting, storing, organizing, maintaining, and disposing of information are often required to validate that the Service Organization is meeting certain standards. SOC 2 Reports follow a set of criteria to examine whether the Service Organization’s controls are effective in delivering their services to their customers.