How can I help with SOC 2?
Free AI guidance for SOC 2 compliance.
- Scope the Trust Services Criteria
- Explain a Common Criteria control
- Type I vs Type II report
About the SOC 2 assistant
Seeded with SOC 2 concepts: the five trust services categories (security, availability, processing integrity, confidentiality, and privacy), the Common Criteria for security, defining your system and report scope, readiness assessments, and the difference between Type I and Type II examinations.
- Decide which trust services categories belong in your report scope.
- Work through the Common Criteria (CC1 to CC9) and map your controls to them.
- Prepare for a readiness assessment and choose between a Type I and a Type II report.
It gives implementation guidance to speed up your work. It does not replace a licensed CPA firm, and a SOC 2 report is an attestation, not a certification.
Read the full SOC 2 guide