Loading controls...
Benchmark: SOC 2
Overview
System and Organization Controls (SOC) 2 is an auditing procedure that ensures a company's data is securely managed.
System and Organization Controls (SOC), defined by the American Institute of Certified Public Accountants (AICPA), is the name of a suite of reports produced during an audit. It's intended for use by service organizations (organizations that provide information systems as a service to other organizations) to issue validated reports of internal controls over those information systems to the users of those services. The reports focus on controls grouped into five categories known as Trust Service Principles.
Usage
Browse dashboards and select SOC 2:
steampipe dashboard
Or run the benchmarks in your terminal:
steampipe check aws_compliance.benchmark.soc_2
Snapshot and share results via Steampipe Cloud:
steampipe loginsteampipe check --share aws_compliance.benchmark.soc_2
Benchmarks
- CC1 Common Criteria Related to Control Environment
- CC2 Common Criteria Related to Communication and Information
- CC3 Common Criteria Related to Risk Assessment
- CC4 Monitoring Activities
- CC6 Logical and Physical Access
- CC7 System Operations
- CC8 Change Management
- A1 Additional Criterial for Availability
- C1 Additional Criterial for Confidentiality