Cross-Sector
SOC 2 Type II
Trust Services Criteria for security, availability, processing integrity, confidentiality, and privacy. The standard for SaaS and technology companies demonstrating operational security to customers.
5Categories
69Controls
—Readiness
Control Categories
Security (Common Criteria)
33 controlsLogical and physical access controls, system operations, change management, and risk mitigation.
Open control detailsAvailability
9 controlsSystem uptime commitments, disaster recovery, incident response, and capacity planning.
Open control detailsProcessing Integrity
8 controlsCompleteness, accuracy, timeliness, and authorization of system processing.
Open control detailsConfidentiality
7 controlsProtection of information designated as confidential throughout its lifecycle.
Open control detailsPrivacy
12 controlsCollection, use, retention, disclosure, and disposal of personal information.
Open control details