Your security and compliance glossary

All the terms you need to know when you’re trying to get compliance audit ready, fast.

Show filters

What are the SOC Trust Services Criteria?

The Trust Services Criteria (formerly Trust Services Principles) are control criteria utilized to evaluate and report on the suitability of the design and operating effectiveness of controls relevant to the Security, Availability, Processing Integrity, Confidentiality, or Privacy of an organization’s information and systems. The Trust Services Criteria are established by the Assurance Services Executive Committee (ASEC) of the American Institute of Certified Public Accountants (AICPA).


The five Trust Services Criteria comprise the evaluation structure of a SOC 2 audit and report. All SOC 2 reports include the Security category; the other four categories are optional and a company may include them according to its customers’ needs and its unique business model.


The Trust Services Criteria represent the framework by which organizations are evaluated for SOC 2 compliance. Of the five criteria, the Security category is required to obtain a SOC 2 audit, and many early-stage startups may choose to start the SOC 2 process with an evaluation of the Security category only.

{{cta_withimage1="/cta-modules"}}

Additional resources you might like:

Product updates
Event
The Future of GRC

Join our virtual event broadcast to hear product updates and renowned security experts on the future of GRC.

Compliance
Event
Save time on security reviews with Questionnaire Automation & Trust Center

Join us to learn how Questionnaire Automation & Trust Center help security teams with questionnaires.

HIPAA
Event
Choosing the right HITRUST certification level and streamlining implementation

As an authorized reseller, Vanta’s pre-built HITRUST solution natively includes the necessary controls, documents, and policies - eliminating the manual “do-it-yourself” approach that other platforms require. Curious to see this in action? Join Vanta and HITRUST for a live session!

Additional resources you might like:

Product updates
Event
The Future of GRC

Join our virtual event broadcast to hear product updates and renowned security experts on the future of GRC.

Compliance
Event
Save time on security reviews with Questionnaire Automation & Trust Center

Join us to learn how Questionnaire Automation & Trust Center help security teams with questionnaires.

HIPAA
Event
Choosing the right HITRUST certification level and streamlining implementation

As an authorized reseller, Vanta’s pre-built HITRUST solution natively includes the necessary controls, documents, and policies - eliminating the manual “do-it-yourself” approach that other platforms require. Curious to see this in action? Join Vanta and HITRUST for a live session!

Compliance
Event
How to Automate ISO 27001 & SOC 2 Compliance

Join Vanta’s 45-minute live product demo. Two of our team members will walk you through the platform and answer your questions in real time.

Compliance
Event
Demystifying the EU AI Act

Ready to Navigate the EU AI Act? Join us for our webinar, “Demystifying the EU AI Act” where we'll break down everything you need to know about this game-changing regulation.

Compliance
Event
How to Launch & Scale Your GRC Program Effectively with Vanta

Finding it challenging to launch or scale your GRC program? You’re not alone. Join our interactive webinar to get practical insights and solutions.

Compliance
Event
How Traffyk.ai Used Compliance to Unlock Enterprise Opportunities

Watch our webinar with Traffyk.ai as we demystify the compliance process. We will explore how Traffyk.ai, a SaaS Employee Communications Performance Platform, leveraged Vanta’s automation to streamline their ISO 27001 certification process, ultimately helping them secure enterprise clients.

Compliance
Event
How to Automate SOC 2 & ISO 27001 Compliance

Join Vanta’s 45-minute live product demo on August 7th at 11 am PST. Two of our team members will walk you through the platform and answer your questions in real time.

Compliance
Event
How to Automate ISO 27001 & SOC 2 Compliance

Curious about why compliance is so important, which businesses need it, and how Vanta's automation can help you quickly achieve it? Join Vanta’s 45-minute live product demo.