Your security and compliance glossary

All the terms you need to know when you’re trying to get compliance audit ready, fast.

Show filters

What is SOC 2 compliance?

SOC 2 defines criteria for managing customer data based on five “trust service principles”—security, availability, processing integrity, confidentiality and privacy. SOC 2 compliance was developed by the American Institute of CPAs (AICPA).


SOC 2 compliance reports are unique to each organization. In line with specific business practices, each designs its own controls to comply with one or more of the trust principles. These internal reports provide you (along with regulators, business partners, suppliers, etc.) with important information about how your service provider manages data.


There are two types of SOC compliance reports:


  • Type I describes a vendor’s systems and whether their design is suitable to meet relevant trust principles as of a specified date
  • Type II details the operational effectiveness of those systems throughout a specified period.


You may want to pursue a SOC 2 report if you handle customer data and/or you work with larger enterprises who will want to ensure that you are a secure vendor.

{{cta_withimage1="/cta-modules"}}

Additional resources you might like:

Compliance
Event
Fostering a culture of security in an AI world

Join our expert-led session to explore strategies for embedding a security-first culture in an AI-driven world. We'll address unique challenges and share actionable insights to help safeguard your organization.

Compliance
Event
Strategies for scaling your GRC program with automation and AI

As your business grows, there are increasing demands around GRC programs. Join us live, as we discuss what to consider when scaling your GRC program.

Security
Event
How Trust Centers Help Save Time and Accelerate Sales

Join us on October 3rd to discover how trust centers enhance customer confidence, streamline security processes, and drive sales growth, based on IDC’s latest research.

Additional resources you might like:

Compliance
Event
Fostering a culture of security in an AI world

Join our expert-led session to explore strategies for embedding a security-first culture in an AI-driven world. We'll address unique challenges and share actionable insights to help safeguard your organization.

Compliance
Event
Strategies for scaling your GRC program with automation and AI

As your business grows, there are increasing demands around GRC programs. Join us live, as we discuss what to consider when scaling your GRC program.

Security
Event
How Trust Centers Help Save Time and Accelerate Sales

Join us on October 3rd to discover how trust centers enhance customer confidence, streamline security processes, and drive sales growth, based on IDC’s latest research.

Compliance
Event
Streamline governance, risk, and compliance workflows and save hours

Join us to learn how Vanta can streamline governance, risk, and compliance workflows, automate control monitoring, and help your team save valuable time.

Compliance
Event
How to streamline ISO 27001 and SOC 2 compliance with automation

Join Vanta’s 45-minute live product demo to learn how Vanta can help you achieve security standards like ISO 27001 or SOC 2 move towards a state of continuous compliance.

Product updates
Blog
Vanta’s latest product capabilities accelerate compliance for startups

For startups, Vanta has what you need to get compliant fast and stay compliant with ease in one integrated platform.

Product updates
Event
The Future of GRC

Join our virtual event broadcast to hear product updates and renowned security experts on the future of GRC.

Compliance
Event
Save time on security reviews with Questionnaire Automation & Trust Center

Join us to learn how Questionnaire Automation & Trust Center help security teams with questionnaires.

HIPAA
Event
Choosing the right HITRUST certification level and streamlining implementation

As an authorized reseller, Vanta’s pre-built HITRUST solution natively includes the necessary controls, documents, and policies - eliminating the manual “do-it-yourself” approach that other platforms require. Curious to see this in action? Join Vanta and HITRUST for a live session!