top of page
SOC 2
Consultancy
HOW WE CAN HELP
What is SOC 2?
Systems and Organization Controls 2 (SOC 2) is an audit process that evaluates your organization’s ability to securely manage the data you collect and use during business operations. By undergoing a SOC 2 audit, your organization demonstrates that it’s is able to meet the security criteria that prospective customers need to see in order to confidently share their data (and often their customers’ data) with you.
What does the SOC 2 audit cover?
Whether you choose to undergo a SOC 2 Type 1 or Type 2 audit, your organization will report and be evaluated on the information and systems you use to support the five Trust Services Criteria:
-
Security (mandatory);
-
Availability (optional);​
-
Processing Integrity (optional);
-
Confidentiality (optional);
-
Privacy (optional)
.
SOC 2 Type 1 Report
A SOC 2 Type 1 report attests to the design of controls at a single point in time. SOC 2 auditors will review evidence from your systems as it exists at a “moment in time” and describe your organization’s system.
SOC 2 Type 2 Report
A SOC 2 Type 2 report attests to both the design and the operating effectiveness of controls over a defined period of time, usually between 3-12 months. This type of SOC 2 audit provides assurance of not just how your systems are set up, but how they are used on a day-to-day basis.
How AKRUP. can help with SOC 2 audits?
AKRUP consultants will help you to prepare for the SOC 2 audit by ensuring you have all required documentation and the test of evidence.
We provide full support before and during the audit, including continuous support for SOC 2 Type 2 compliance.
bottom of page