Start with Identity
Subscribe
← Glossary
Compliance

SOC 2

A report issued by an auditor against the AICPA Trust Services Criteria (security, availability, processing integrity, confidentiality, privacy). Type 1 is a point-in-time design; Type 2 covers an operating period, typically 6-12 months.