-
Notifications
You must be signed in to change notification settings - Fork 0
01 Notes.md
SOC 2 isn't a set of hard and fast rules. Rather, it is a framework that sends a strong signal that an organization prioritizes key attributes: security, availability, processing integrity, confidentiality, and privacy.
SOC2 compliance is a widely recognized and respected standard for data security and privacy. It can also improve the company's ability to win new business by demonstrating a commitment to protecting sensitive information.
- Security
- Availability
- Processing integrity
- Confidentiality
- Privacy
How would your explain the three levels of the SOC2 pyramid in an analogy your friends or former colleagues would understand?
Think of the SOC2 like a 3 story building. Each level represents a different level of assurance that a company can provide to its customers about security and privacy. The first level of the building or level one of the SOC2 pyramid is the foundation and provided basic security. Level 2 or the second floor of the building is a step up from the first floor and provides higher levels of security to include cameras and motion sensors. Finally, the third floor or level 3 is like having a full-time security detail 24/7.