What is SOC 2 Type II Compliance?

SOC is short for “system and organization controls,” and the controls are a series of standards designed to help measure how well a given service provider manages and regulates its information. SOC 2 is an in-depth external audit presented in a comprehensive final report that closely examines a company’s information systems, ensuring that its information security practices meet five trust principles established by The American Institute of CPAs (AICPA):

  1. Security

  2. Availability

  3. Processing integrity

  4. Confidentiality

  5. Privacy

Service Organization Control (“SOC 2”) certification awards businesses who demonstrate their ability to meet the institute’s high standards in each of those categories.

SOC 2 Type II certification is the most comprehensive certification within the Systems and Organization Controls protocol. Organizations looking to hire or work with a technology vendor will find SOC 2 Type II is the most useful certification when considering a possible service provider’s credentials.

For several years, DecisivEdge has been SOC 2 Type II certified, demonstrating our commitment to the above referenced five trust principles.