By clicking “Accept”, you agree to the use of cookies on your device in accordance with our Privacy and Cookie policies.

Manage CookiesACCEPT
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Your security and compliance glossary

All the terms you need to know when you’re trying to get compliance audit ready, fast.

Show filters
Blogs
Glossary
Guides
Videos

Follow us

GLOSSARY
SOC 2
SOC reports

What is a SOC report?

A service organization controls (SOC) report is a way to verify that an organization is following specific best practices related to protecting their clients’ data before you outsource a business function to that organization.

These best practices are related to finances, security, processing integrity, privacy, and availability. The reports, which are created and validated by third-party auditors, are built to provide independent assurance and to help potential customers/partners understand any potential risks involved in working with the organization that was evaluated.

You may decide to pursue a SOC report because you’re working to sign on a client who values security, or your own company works with sensitive data and you want to be proactive in setting up security controls.

Depending on the information needed and the types of organizations involved, there are several versions of SOC reports.


SOC 1, SOC 2 & SOC 3

You may also hear “SOC” referring to a security operations center. That’s a separate definition and meaning that doesn’t impact your compliance obligations.

Additional resources you might like:

Blog
Product updates

New in Vanta | November 2022

In this month’s product update, we’re thrilled to announce Access Reviews, our new Monitors page, additional integrations, support for OFDSS & ISO 27001:2022, and more.

Video
Security

Coffee & Compliance: The future of endpoint security

Join us for our newest episode of Coffee & Compliance, where we discuss the future of endpoint security with Scott Simkin, VP, Portfolio and Product Marketing from CrowdStrike.

Guide
NIST

The ultimate guide to NIST 800-171

Jumpstart your NIST 800-171 compliance with Vanta's complete guide to this legally required security standard.

The compliance news you need. Delivered securely to your inbox.

Everything you need to get compliance audit ready, fast.

GET STARTED TODAYGET STARTED TODAY

Vanta is the easy way to get and stay compliant. Thousands of fast-growing companies depend on Vanta to automate their security monitoring and get ready for security audits in weeks, not months. Simply connect your tools to Vanta, fix the gaps on your dashboard, and then work with a Vanta-trained auditor to complete your audit.

Products
SOC 2ISO 27001GDPRHIPAAPCI DSSCCPAAdditional FrameworksIntegrations
Customers
Customer Case Studies
Resources
BlogsGuidesGlossaryVideosAll Resources
Company
AboutCareersPressSecuritySystem StatusTrust Report
Manage CookiesTermsPrivacy