SOC 2

SOC 2 is a framework for managing and protecting customer data based on five trust service criteria: security, availability, processing integrity, confidentiality, and privacy.

Key Requirements

• Security controls and monitoring
• Incident response procedures
• Access controls and user authentication
• Vendor management
• Regular risk assessments

SOC 2 (and it's related SOC 1 and SOC 3) are third party reports created by accredited CPA firms.