SOC 2
Audit framework for service organizations covering security, availability, and confidentiality.
SOC 2 is an attestation framework developed by the AICPA that evaluates service organizations against five Trust Services Criteria — security, availability, processing integrity, confidentiality, and privacy. Type I reports cover design at a point in time; Type II reports cover operating effectiveness over a period (typically 6-12 months).