Your security and compliance glossary

All the terms you need to know when you’re trying to get compliance audit ready, fast.

Show filters
Blogs
Events
Glossary
Guides and reports

Follow us

Linkedin iconFacebook icontwitter iconinstagram icon

What is SOC 2 compliance?

SOC 2 defines criteria for managing customer data based on five “trust service principles”—security, availability, processing integrity, confidentiality and privacy. SOC 2 compliance was developed by the American Institute of CPAs (AICPA).


SOC 2 compliance reports are unique to each organization. In line with specific business practices, each designs its own controls to comply with one or more of the trust principles. These internal reports provide you (along with regulators, business partners, suppliers, etc.) with important information about how your service provider manages data.


There are two types of SOC compliance reports:


  • Type I describes a vendor’s systems and whether their design is suitable to meet relevant trust principles as of a specified date
  • Type II details the operational effectiveness of those systems throughout a specified period.


You may want to pursue a SOC 2 report if you handle customer data and/or you work with larger enterprises who will want to ensure that you are a secure vendor.

{{cta_withimage1="/cta-modules"}}

Related Terms

Additional resources you might like:

Compliance
Events
Learn how to automate compliance for SOC 2, ISO 27001, and more

Register to learn how Vanta’s Agentic Trust Platform helps fast-moving startups and security teams get audit-ready fast and stay continuously compliant.

Compliance
Blog
How do you perform quarterly access reviews?

Without periodic access reviews, former employees may retain access to sensitive data after termination. Learn how to perform effective quarterly access reviews.

Product updates
Events
Turn Every Promise into Predictable Trust: Customer Commitments in Action

Join us for a live demo of Customer Commitments and see how Vanta turns contracts into structured, actionable intelligence.

Additional resources you might like:

Compliance
Events
Learn how to automate compliance for SOC 2, ISO 27001, and more

Register to learn how Vanta’s Agentic Trust Platform helps fast-moving startups and security teams get audit-ready fast and stay continuously compliant.

Compliance
Blog
How do you perform quarterly access reviews?

Without periodic access reviews, former employees may retain access to sensitive data after termination. Learn how to perform effective quarterly access reviews.

Product updates
Events
Turn Every Promise into Predictable Trust: Customer Commitments in Action

Join us for a live demo of Customer Commitments and see how Vanta turns contracts into structured, actionable intelligence.

Comparisons and reviews
Blog
The 4 best Trust Center products for 2026

Compare top platforms, key features, and buying criteria to find the right fit for compliance and sales teams.

SOC 2
Events
SOC 2 Basics: A 30 Minute Guide for Startups

Register to get a clear, founder-friendly intro to SOC 2 in just 30 minutes.

Security
Blog
How to request security budget from your CFO and exec teams

Bridge security and finance, show risk in dollars, and secure budgets.

Product updates
Blog
New in Vanta | March 2026

Vanta’s newest updates help you automate SSPs, unlock deeper integrations, and more.

Compliance
Blog
Government contracting compliance 101: Everything you should know

Understand the regulations and standards government contractors must meet—and the challenges involved.

Compliance
Events
Beyond the Checkbox: Scaling Compliance Across European Regulations

Watch to learn how to scale your compliance program across NIS2, DORA, and the EU AI Act — without duplicating controls or overwhelming your team.

Get compliant and build trust—fast

Request a demo
G2 Badge Winter 2026 LeaderG2 Badge Winter 2026 Enterprise LeaderG2 Badge Milestone 'Users Love Us'