What is SOC 2?

SOC 2 (Service Organization Control 2) is an auditing standard developed by the American Institute of Certified Public Accountants (AICPA) for service providers that store customer data in the cloud. SOC 2 defines a set of criteria for evaluating a company's information systems, specifically those related to security, availability, processing integrity, confidentiality, and privacy.

Why is SOC 2 compliance important?

A SOC 2 report is an independent auditor's opinion on whether the service provider's controls are designed and operating effectively to meet the criteria specified by SOC 2. The report can provide assurance to customers and other stakeholders that the service provider has implemented adequate controls to protect their data and ensure its availability and integrity. SOC 2 reports are often requested by customers as a way of evaluating the security and compliance of potential service providers.

Related Topics
ISO 27001
NIST
Security operations
Identity management

Stay Connected

Subscribe to the latest JupiterOne news

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Recommended resources

Datasheet
CSPM Datasheet | JupiterOne + AWS
Report
The 2023 State of Cyber Assets Report
Datasheet
CAASM Datasheet | JupiterOne
Report
Forrester | Total Economic Impact of JupiterOne
eBook
The Cyber Defense Matrix
Video
CEO Erkang Zheng answers 5 critical cybersecurity questions for organizations