Strategic Policy Development (SOC 2) - Salem73616C656D/reading-notes GitHub Wiki

Key Takeaways

SOC 2: a framework that sends a strong signal that an organization prioritizes key attributes: security, availability, processing integrity, confidentiality, and privacy.

Security: Foundational security principle, common to all audits

Confidentiality: Protection from unauthorized disclosure of sensitive data

Availability: Assurance that systems or data will be available as agreed or required

Integrity: Protection of systems or data against unauthorized change

Privacy: The use, collection, retention, disclosure, and disposal of personal information are protected

Vocabulary

No new vocabulary

Conclusion

SOC 2 is a framework to follow for security compliance.