Your security and compliance glossary

All the terms you need to know when you’re trying to get compliance audit ready, fast.

Show filters

What is a SOC report?

A service organization controls (SOC) report is a way to verify that an organization is following specific best practices related to protecting their clients’ data before you outsource a business function to that organization.

These best practices are related to finances, security, processing integrity, privacy, and availability. The reports, which are created and validated by third-party auditors, are built to provide independent assurance and to help potential customers/partners understand any potential risks involved in working with the organization that was evaluated.

You may decide to pursue a SOC report because you’re working to sign on a client who values security, or your own company works with sensitive data and you want to be proactive in setting up security controls.

Depending on the information needed and the types of organizations involved, there are several versions of SOC reports.

SOC 1, SOC 2 & SOC 3

You may also hear “SOC” referring to a security operations center. That’s a separate definition and meaning that doesn’t impact your compliance obligations.

Additional resources you might like:

Product updates
Introducing new products to secure and accelerate an AI-powered future

Today we’re excited to announce new and upcoming product capabilities that empower you to accelerate innovation and strengthen security in an increasingly AI-driven world.

Leverage Security and Compliance to Win Over Prospects

Curious about how security and compliance can help you build trust and win over prospects? On December 13th at 8:30am PST / 4:30pm GMT, join our AMAA

Product updates
New in Vanta | October 2023

This past month, we announced the single destination to showcase your security posture, Vanta Trust Center, 19 new integrations, Private links for Vendor Risk Management, and more.

Get compliant and
build trust, fast.