SOC 2

Definition

SOC 2 is an American audit report demonstrating that a service provider meets security, availability, processing integrity, confidentiality, and privacy standards.

SOC 2 is particularly relevant for SaaS providers and cloud service companies. Type I assesses the design of security controls at a point in time; Type II assesses effectiveness over a period (minimum 6 months).

Related terms

ISO 27001 Cloud Security GDPR
← Back to glossary