Welcome to ITS! Learn more about our strategic partnership with Digital Seattle!

Read the Story
Schedule a Meeting
Services
Services
Cybersecurity
Compliance
Managed IT
Co-Managed IT
Data Analytics
Cloud Computing
VoIP Phone
Business Internet
All Services
Industries
Industries
Architecture and Design
Automotive
Biotechnology
Construction
Finance and Insurance
Healthcare
Law Offices and Law Firms
Logistics and Distribution
Manufacturing
Nonprofit
Retail
Pricing
Pricing
IT Cost Calculator
Learning Center
Learning Center
Articles
Videos
Tools
eBooks
Success Stories
Company
Company
About Us
Careers
ITS Way
Contact
Events
Sales: (855) 204-8823
Client Support
(888) 969-3636
Schedule a Meeting

View All Posts

What is SOC 2 Compliance? [Video] Blog Feature
Karen Ting

By: Karen Ting on December 16th, 2022

Print/Save as PDF

What is SOC 2 Compliance? [Video]

Cybersecurity | Cloud

Compliance is critical for many reasons beyond security; it can affect your business reputation, integrity, and client trust. That’s why it is important to know and adhere to regulatory standards like SOC 2 Compliance which we’ll break down in today’s video. 

What is SOC 2

0:54 What is SOC 2?   

Service Organization Control compliance or SOC is an auditing procedure developed by the American Institute of CPAs or AICPA for service organizations. It protects organizations’ interests and clients' privacy.    

There are two types of SOC reports: 

  1. Type I describes a vendor’s systems and whether their design is suitable to meet relevant trust principles 
  2. Type II details the operational effectiveness of those systems over the audit period.   

1:54 Who needs to be SOC 2 compliant?  

SOC 2 compliance is most relevant to businesses in the financial services industry, but its role encompasses all service organizations. If you are a technology-based service organization that stores customer data in the cloud, you will need to consider getting a SOC 2 audit.   

2:37 What are the five trust principles of SOC 2?   

The SOC 2 compliance standard is based on five Trust Services Criteria, which are:  

  1. Security – Established by restricting access to information through user authorization.  
  2. Availability – Established by ensuring parties who own information have access to it.  
  3. Processing integrity – Established by minimizing flaws in all cybersecurity architecture.  
  4. Confidentiality – Established by taking extra measures to protect unique kinds of data.  
  5. Privacy – Established by paying particular attention to personally identifiable information or PII. 

3:40 What is the SOC 2 audit process?  

  1. Choose your report type. 
  2. Define the scope. 
  3. Conduct a gap analysis. 
  4. Complete a readiness assessment. 
  5. Select an auditor. 
  6. Begin the formal audit process. 

Now that you have a better understanding of SOC2 compliance and how critical it is for your business, you can schedule a meeting with one of our experts. They can help you stay on top of the latest cybersecurity and compliance standards and provide a road map on getting compliant. 

Top 15 Cybersecurity Best Practices

Related Resources

Cybersecurity

69% of Businesses Can't Stop Cyber Threats Without This

Read More

Cybersecurity

7 Tips to Protect Yourself Online in 2023

Read More

Cybersecurity

Lessons Your Business Must Learn from Significant Cyberattacks

Read More