SOC 2 COMPLIANCE CHECKLIST

Page 1

KirkpatrickPrice

Innovation. Integrity. Delivered.

SOC 2 Compliance Checklist

The SOC 2 audit is based on a set of criteria that are used in evaluating controls relevant to the security, availability, or processing integrity of a system, or the confidentiality or privacy of the information processed by the system. What system components are evaluated during a SOC 2 audit? • Infrastructure (physical, IT, or other hardware such as mobile devices) • Software (application programs and IT system software that supports application programs, such as OS and utilities) • People (all personnel involved in the use of the system) • Processes (all automated and manual procedures) • Data (transmission streams, files, databases, tables, and output used or processed by a system)

What are your auditors looking for? • Fairness of the presentation of a description of a service organization’s system relevant to one or more of the Trust Services Criteria • Design and operating effectiveness of a service organization’s controls over a system relevant to one or more of the Trust Services Criteria What are the Trust Services Criteria? • Security • Availability • Confidentiality • Processing Integrity • Privacy

16057 W. Tampa Palms Blvd. | #134 | Tampa, FL 33647 | kirkpatrickprice.com | 800.770.2701

Turn static files into dynamic content formats.

Create a flipbook
Issuu converts static files into: digital portfolios, online yearbooks, online catalogs, digital photo albums and more. Sign up and create your flipbook.