SOC 2

SOC 2 (Service Organization Control 2) is an AICPA-developed audit framework focused on five trust services criteria: Security, Availability, Processing Integrity, Confidentiality, and Privacy. SOC 2 Type II reports cover operating effectiveness over a period (typically six to twelve months).

See SOC 2 for VDRs.

Last updated: May 2026.

Further Reading