
Many frameworks. One managed approach.

A reference guide to the major cybersecurity and compliance standards ComplianceXO serves. Click a framework to read the key requirements, enforcement notes, and our commentary.

01 · Trust service criteria

SOC 2

SOC 2 governs how service organizations manage and protect customer data across five trust service criteria: security, availability, processing integrity, confidentiality, and privacy.

Key requirements · 5 items
  1. Security controls and continuous monitoring
  2. Incident response procedures and tabletop exercises
  3. Access controls and multi-factor authentication
  4. Vendor management and third-party risk
  5. Regular risk assessments and control testing