Your security and compliance glossary

All the terms you need to know when you’re trying to get compliance audit ready, fast.

Show filters
Blogs
Events
Glossary
Guides and reports

Follow us

Linkedin iconFacebook icontwitter iconinstagram icon

What is SOC 2 compliance?

SOC 2 defines criteria for managing customer data based on five “trust service principles”—security, availability, processing integrity, confidentiality and privacy. SOC 2 compliance was developed by the American Institute of CPAs (AICPA).


SOC 2 compliance reports are unique to each organization. In line with specific business practices, each designs its own controls to comply with one or more of the trust principles. These internal reports provide you (along with regulators, business partners, suppliers, etc.) with important information about how your service provider manages data.


There are two types of SOC compliance reports:


  • Type I describes a vendor’s systems and whether their design is suitable to meet relevant trust principles as of a specified date
  • Type II details the operational effectiveness of those systems throughout a specified period.


You may want to pursue a SOC 2 report if you handle customer data and/or you work with larger enterprises who will want to ensure that you are a secure vendor.

{{cta_withimage1="/cta-modules"}}

Related Terms

Additional resources you might like:

Compliance
Events
Getting Ready for APRA CPS 230/234 Compliance

Join our Q&A-led session that will highlight the most common CPS 234 readiness questions, and explore how CPS 230 builds on these foundations.

Comparisons and reviews
Blog
The best SOC 2 compliance software for 2026

Discover the best ISO 27001 compliance software options for 2026: Vanta, Drata, Secureframe, Devle and Sprinto.

Comparisons and reviews
Blog
The best ISO 27001 compliance software for 2026

Discover the best ISO 27001 compliance software options for 2026, including Vanta.

Additional resources you might like:

Compliance
Events
Getting Ready for APRA CPS 230/234 Compliance

Join our Q&A-led session that will highlight the most common CPS 234 readiness questions, and explore how CPS 230 builds on these foundations.

Comparisons and reviews
Blog
The best SOC 2 compliance software for 2026

Discover the best ISO 27001 compliance software options for 2026: Vanta, Drata, Secureframe, Devle and Sprinto.

Comparisons and reviews
Blog
The best ISO 27001 compliance software for 2026

Discover the best ISO 27001 compliance software options for 2026, including Vanta.

Compliance
Events
Committed to Trust: How Our Customers Turn Promises into Proof

Join us for a panel with leaders from GitHub, Modern Treasury, and Vanta’s own GRC team, where we’ll dig into what it really takes to build trust into the way you work.

Compliance
Blog
What is vendor compliance, and why does it matter?

Learn about vendor compliance and its key regulations and requirements across industries.

Compliance
Blog
CRI Cyber Profile: A complete guide for financial institutions

Get in-depth insights into the CRI Cyber Profile and what it means for financial institutions.

Compliance
Blog
How to choose the right AI standard: A 7-point guide

Discover the seven essential questions that help you choose an AI standard for your organization.

Compliance
Blog
Government contracting compliance 101: Everything you should know

Understand the regulations and standards government contractors must meet—and the challenges involved.

Compliance
Events
Beyond Compliance: Building a Scalable Trust Program with Vanta

Join us to see how high-growth companies use Vanta to build trust, stay audit-ready, and scale with confidence.

Get compliant and build trust—fast

Request a demo
G2 Badge Winter 2026 LeaderG2 Badge Winter 2026 Enterprise LeaderG2 Badge Milestone 'Users Love Us'