A cybersecurity framework developed by the American Institute of Certified Public Accountants (AICPA) to help organizations protect customer data from unauthorized access and other threats. SOC 2 audits are voluntary and assess an organization’s controls around the Trust Services Criteria: Security, Availability, Processing Integrity, Confidentiality, and Privacy. Achieving SOC 2 compliance demonstrates a company’s commitment to data security and builds trust with customers.