SOC 2 Overview
Join the thousands of companies using Secureframe
Safeguarding customer and business data is a growing priority for companies across industries and growth stages, and a SOC 2 audit is becoming an essential piece of the security puzzle.
If you’re wondering what SOC 2 is and why it’s so important, you’re in the right place.
This is the ultimate SOC 2 overview made for beginners.
We’ve broken down the SOC 2 framework into a series of clear-cut, jargon-free primers on the fundamentals of SOC 2 compliance.
You’ll learn the differences between SOC standards, the essentials of the AICPA Trust Services Criteria, how to implement SOC 2 controls — everything you need to understand the requirements of SOC 2 and decide if pursuing compliance is the right choice for your business.
What is SOC 2?
What is SOC 2, exactly? Who needs a SOC 2 report, and when? Find the answers to common questions around SOC 2 compliance.
Explore ResourceWhy is SOC 2 Important?
Is SOC 2 compliance worth the time and effort? Discover the many benefits of SOC 2 compliance for growing companies.
Explore ResourceSOC 1 vs SOC 2 vs SOC 3
See the differences between the three types of SOC reports to decide which type of compliance you need.
Explore ResourceTrust Services Criteria
Get familiar with the five AICPA Trust Services Criteria, which form the foundation of SOC 2 compliance.
Explore ResourceCommon Criteria
Every SOC 2 audit includes the Common Criteria. Learn what the Common Criteria are so you’ll know what to expect.
Explore ResourceSOC 2 Controls
Learn more about the internal controls companies need to put in place to become compliant with SOC 2.
Explore ResourceThe History of SOC 2
Understand the purpose of SOC 2 by learning how and when the framework was created by the American Institute of Certified Public Accountants (AICPA).
Explore Resource