SOC 2

E184865

SOC 2 is a widely recognized auditing standard that evaluates how service providers securely manage customer data based on trust service criteria like security, availability, and confidentiality.

All labels observed (4)

Label Occurrences
SOC 2 canonical 4
SOC 2 Type I 1
System and Organization Controls 2 1

How this entity was disambiguated

Statements (47)

Predicate Object
instanceOf SOC 2 report type
SOC 2 report type
auditing standard
compliance framework
service organization control report
abbreviationOf SOC 2 self-linksurface differs
surface form: System and Organization Controls 2
appliesTo SaaS providers
cloud service providers
service organizations
basedOn SOC 2 self-linksurface differs
surface form: Trust Services Criteria
describes design and operating effectiveness of controls over a period of time
design of controls at a point in time
developedBy American Institute of Accountants
surface form: American Institute of Certified Public Accountants
evaluates design of controls
operating effectiveness of controls
focusesOn availability of systems
confidentiality
privacy
processing integrity
security of customer data
governedBy AICPA standards
hasType SOC 2 self-linksurface differs
surface form: SOC 2 Type I

SOC 2 Type II
isDifferentFrom SOC 1
SOC 3
oftenMappedTo ISO 27001
NIST Cybersecurity Framework
recognizedIn United States of America
surface form: United States

international markets
relatedTo IT governance
data protection
information security management
requires documented policies and procedures
independent audit
monitoring of controls
risk assessment
scopeIncludes change management
data backup and recovery
incident response
logical access controls
system operations
vendor management
supports customer contractual requirements
regulatory expectations for service providers
usedFor customer assurance
third-party risk management
vendor due diligence

How these facts were elicited

Referenced by (7)

Full triples — surface form annotated when it differs from this entity's canonical label.

Azure supportsComplianceStandard SOC 2
subject surface form: Microsoft Azure
SOC 2 abbreviationOf SOC 2 self-linksurface differs
this entity surface form: System and Organization Controls 2
SOC 2 basedOn SOC 2 self-linksurface differs
this entity surface form: Trust Services Criteria
SOC 2 hasType SOC 2 self-linksurface differs
this entity surface form: SOC 2 Type I
SOC 1 distinguishedFrom SOC 2