SOC Compliance

Home SOC Compliance

SOC Compliance

The SOC 2 audit is based on a set of criteria that are used in evaluating controls relevant to the security, availability, processing integrity, confidentiality, or privacy of a system. What system components are evaluated during a SOC 2 audit? • Infrastructure (physical, IT, or other hardware such as mobile devices) • Software (application programs and IT system software that supports application programs, such as OS and utilities) • People (all personnel involved in the use of the system) • Processes (all automated and manual procedures) • Data (transmission streams, files, databases, tables, and output used or processed by a system)