401‐reading 1 - Skalyx866/Notes GitHub Wiki

How would you convince your future company to pursue SOC2 compliance?

I would convince them by saying that SOC2 compliance is not a hard set of rules but is more of a framework that will help instill trust in the clients or the customers.

What are the five SOC2 Trust Principles?

The five SOC2 Trust Principles are: security, confidentiality, availability, integrity, and privacy.

How would you explain the three levels of the SOC2 pyramid in an analogy your friends or former colleagues would understand?

The three levels of the SOC2 pyramid can be explained really simply: you tell everyone what you are going to do, you do it, and then you document it so you can show everyone that you did do it.

Source: The Ultimate Guide to SOC 2 Compliance

Things I would like to learn more about

I would like to learn more about the SOC2 principles and how to get certified in it and see what I can do to make it better.