Security & Compliance
SOC 2 is a widely recognized security compliance framework that verifies, through an independent audit, that a service provider properly protects customer data across principles like security and availability.
Definition
SOC 2 is a widely recognized security compliance framework that verifies, through an independent audit, that a service provider properly protects customer data across principles like security and availability.
SOC 2 (System and Organization Controls 2) was developed by the AICPA. It evaluates a company's controls against Trust Services Criteria - security, availability, processing integrity, confidentiality, and privacy - with security required and the others optional.
A SOC 2 report is produced by an independent auditor. A Type I report assesses controls at a point in time; a Type II report tests that they operated effectively over a period, usually several months to a year.
For buyers, a SOC 2 report is common evidence that a vendor takes data protection seriously, which is why it is frequently requested during enterprise procurement and security reviews.
FAQ
Ready when you are
Atlas is the all-in-one work OS - tasks, projects, CRM, contracts, HR, and automation on one shared record, with a governed AI assistant. Start free.