Glossary definition: SOC 2 Audit
SOC 2 Audit: Ensuring the Security of Your Data
A SOC 2 Audit is an independent evaluation of a service provider’s information security controls and practices. It is based on the Trust Services Principles and Criteria (TSPC) developed by the American Institute of Certified Public Accountants (AICPA). The audit is performed by a third-party auditor and assesses the design and effectiveness of the service provider’s controls and processes related to security, availability, processing integrity, confidentiality and privacy. The audit also assesses the service provider’s ability to meet the TSPC criteria, which include requirements for the service provider’s technical infrastructure, data security, and customer data protection. The SOC 2 Report is a valuable tool for organizations that are looking to assess the security of their service providers and ensure that they are meeting their security and privacy requirements.