Compliance Glossary

Welcome to our list of commonly used security and compliance terms.

There are two types of SOC 2 reports: Type I and Type II. 

A Type I report is a point-in-time report that assesses how your security controls are designed. 

A SOC 2 Type 2 report examines how well a service organization's system and controls perform over a period of time (typically 3-12 months). 

Both report types require an external audit by an AICPA-accredited CPA firm. Organizations that need a SOC 2 report as quickly as possible may opt for a Type I report, which takes less time to complete. However, SOC 2 Type II reports hold more weight with customers and will be necessary for most companies to achieve. 

ebook-logo

Recommended Reading

SOC 2 Type 1 vs Type 2

Read More

Join the thousands of companies using Secureframe