Loading controls...
Benchmark: SOC 2
Overview
System and Organization Controls (SOC) 2 is an auditing procedure that ensures a company's data is securely managed.
System and Organization Controls (SOC), defined by the American Institute of Certified Public Accountants (AICPA), is the name of a suite of reports produced during an audit. It's intended for use by service organizations (organizations that provide information systems as a service to other organizations) to issue validated reports of internal controls over those information systems to the users of those services. The reports focus on controls grouped into five categories known as Trust Service Principles.
Usage
Browse dashboards and select SOC 2:
steampipe dashboardOr run the benchmarks in your terminal:
steampipe check aws_compliance.benchmark.soc_2Snapshot and share results via Steampipe Cloud:
steampipe loginsteampipe check --share aws_compliance.benchmark.soc_2Benchmarks
- CC1 Common Criteria Related to Control Environment
- CC2 Common Criteria Related to Communication and Information
- CC3 Common Criteria Related to Risk Assessment
- CC4 Monitoring Activities
- CC6 Logical and Physical Access
- CC7 System Operations
- CC8 Change Management
- A1 Additional Criterial for Availability
- C1 Additional Criterial for Confidentiality