AICPA SOC 2
SOC 2 principles focus on preventing the unauthorized use of assets and data
What is AICPA SOC 2?
Developed by the American Institute of Certified Public Accountants (AICPA), the System and Organization Controls (SOC) 2 professional standards focus on preventing the unauthorized use of assets and data. It is based upon Trust Services Criteria which specify how organizations should manage customer data and implement controls to ensure data security, availability, processing integrity, confidentiality, and privacy.
At a Glance | |
Standard | AICPA SOC 2 |
Region | Global |
Released | 2010 |
SAI360 Solution | IT Risk & Cybersecurity |
In 2010 SOC2 was revised to include the 17 principles of the COSO framework.
Why is AICPA SOC 2 Compliance Important?
SOC 2 compliance strengthens defenses against cyberattacks and security breaches. It communicates to customers that an organization maintains a high level of information security, with appropriate policies, tools, and processes in place to handle and protect information.
How SAI360 Supports SOC 2 Compliance
SAI360 supports information security management within the SOC 2 standards by providing a flexible, agile approach to risk management. Our cloud-based software and modern ethics and compliance learning content maps risk to requirements, automates assessments, and improves compliance and business performance so you can truly manage your IT risk. It enables you to make agile decisions using up-to-the-minute dashboards for key metrics to:
- Strengthen and streamline SOC 2 compliance
- Centralize policy management across your organization
- Develop a real-time view to manage IT risk
If you are looking to operationalize information security controls across your organization, SAI360 provides a solution that is ready to help you meet the expectations of your shareholders, regulators, customers, and partners.