Ask a Question

Trust Service Criteria

How do I know which Trust Service Criteria should be in scope for my SOC2 audit?

compliance icon GRC Q&A
All Replies

Viewing 0 reply threads

  • This varies greatly by organization but an easy way to tell if you need to add a Trust Service Criteria beyond Security (this one is mandatory) is reviewing any customer comittments or contractual obligations your business may have made around any of the Trust Service Criteria (Security, Confidentiality, Processing Integrity, and Privacy).
    For more information on SOC2 Trust Service Criteria checkout Audit Dashboard and Gap Analysis in TrustOps.

Viewing 0 reply threads

Join the conversation