SOC 2 Type II Certification
Commitment to the highest standards of security, availability, processing, confidentiality and privacy.
Trust Service Principles
The 5 fundamental pillars of SOC 2 certification
Security
Protection against unauthorized access and misuse of data
Availability
Guarantee of access to systems when necessary
Processing Integrity
Accuracy, completeness and validity of data processing
Confidentiality
Protection of confidential information from unauthorized disclosure
Privacy
Proper collection, use, retention and disclosure of personal information
Why SOC 2 matters
Commitment to excellence in security and compliance
Independent Certification
Audit conducted by AICPA certified firms
State-of-the-Art Security
Rigorous technical and administrative controls
Annual Audits
Continuous review of controls and processes
Full Compliance
Compliance with all SOC 2 Type II principles
Full Transparency
Reports available to stakeholders
Building Trust
Demonstration of commitment to best practices
SOC 2 is a control reporting framework developed by the American Institute of Certified Public Accountants (AICPA)
Evaluates whether an organization maintains adequate controls over security, availability, processing integrity, confidentiality and privacy
Type II tests the operational effectiveness of controls over time (usually 6-12 months)
Certification demonstrates commitment to security best practices