Cybersecurity

Josef Kamara, CPA, CISSP, CISA · Updated May 6, 2026 · 1 minute read

SOC 2

Service Organization Control 2, an audit framework developed by AICPA that evaluates a service organization\'s controls across five Trust Services Criteria. SOC 2 reports are the standard due diligence requirement for SaaS vendors handling customer data.

From the library

The full analysis on SOC 2.

The article is where the term meets the practitioner. Read how this concept actually shows up in audit, in remediation, and in the boardroom.

Read the analysis →
The Authority Brief

One compliance analysis per week from Josef Kamara, CPA, CISSP, CISA. Federal and private compliance, written for practitioners.