Chargement...
Chargement...
Copyright © 2026 Anove International B.V.
All product names, logos, and brands are property of their respective owners. Use of these names does not imply affiliation, endorsement, or partnership.
SOC 2
Service Organization Control (SOC) 2 is a framework developed by the American Institute of CPAs (AICPA) for managing customer data based on five Trust Service Criteria: Security, Availability, Processing Integrity, Confidentiality, and Privacy.
SOC 2 (System and Organization Controls 2) is an attestation framework developed by the American Institute of CPAs (AICPA) for reporting on the controls a service organisation has in place to protect customer data. It is built on five Trust Services Criteria: Security (the mandatory common criteria), plus Availability, Processing Integrity, Confidentiality, and Privacy, which organisations include as relevant to their services.
A SOC 2 examination is performed by an independent licensed CPA firm, resulting in a Type I report (design of controls at a point in time) or a Type II report (operating effectiveness over a period). Widely expected of SaaS and cloud providers, a SOC 2 report is a common way to demonstrate trustworthy data handling to customers.
Implement controls protecting systems and data against unauthorised access, the mandatory basis of every SOC 2.
Where in scope, ensure systems are available as committed and that processing is complete, accurate, and timely.
Where in scope, protect confidential information and handle personal data in line with commitments.
Undergo a Type I or Type II examination by a licensed CPA firm and share the resulting report with stakeholders.
Pour aller plus loin
Anove analyse votre stack au regard de SOC 2 et de plus de 260 autres cadres en quelques minutes.