SOC is a set of standards that allow companies to demonstrate they are managing and regulating information properly. SOC stands for “service and organisation controls;” developed by the American Institute of Certified Public Accountants (AICPA), these regulations exist to give companies peace of mind when exchanging customer data with third-party vendors. Of the available SOC audits, SOC 2 compliance is the most thorough—and the most relevant to companies storing customer data in the cloud. What differentiates SOC 2? SOC compliance nets out in a variety of reports depending on a company’s unique requirements. There are three main SOC assessments: SOC 1 focuses on auditing internal financial controls and the reliability of financial reporting. SOC 2 is a technical audit that tests whether a businesses’ systems are appropriately set up to ensure the security, availability, processing integrity, confidentiality, and privacy of customer data. SOC 3 is designed to give users reassurance.