Protecting consumer data should be of utmost importance for organizations. In a world of increasing cybersecurity threats and data breaches, now more than ever is the time to put policies and procedures in place to ensure your customers are protected. If a company does not take measures to protect consumer data, important information could be left vulnerable to hacks, ultimately leading to distrust in the organization. Organizations that are SOC 2 certified can put consumers and fellow institutions at ease, knowing that all measures are being taken to keep their data safe.
What is SOC 2 Compliance?
SOC 2 was developed by the American Institute of CPAs (AICPA) to define how organizations should manage customer data. Firms that are SOC 2 compliant undergo rigorous auditing procedures to ensure that data is securely managed throughout their organization and in connection with the organization’s service providers.
There are 2 Types of SOC 2 Reports
- Type 1 - Describes a vendor’s systems and whether their design is suitable to meet relevant trust principles
- Type 2 - Details the operational effectiveness of those systems
SOC 2 follows 5 “Trust Service Principles”
Security, Availability, Processing Integrity, Confidentiality, and Privacy
![](https://cdn.prod.website-files.com/61defd209a0d98735d9f7480/61e1c332d140b4e94a28e868_61534b328180d16509945ac9_-egLojQEVOye8iabVzM3ZI1Jef0kYA3FB-cpleIunjTbPdkiRlzkeLWCEPL1I9POPggeFWKluG79ItsJtdkMcUbMR0KjoDdyJvd7hYEPU1xMV6Rs5wXoOEfrJnW7v-fn9vsoPT44%253Ds0.png)
Image From https://www.dashsdk.com/resource/soc-2-trust-services-criteria-tsc/
Which Industries Receive SOC 2 Compliance?
Managed Services, Banking and Financial Services, Software-as-a-Service (SaaS), Data Centers and Colocation Facilities, and Healthcare are all industries that benefit from SOC 2 compliance and from protecting consumer data.
![](https://cdn.prod.website-files.com/61defd209a0d98735d9f7480/61e1c3322062ed45f6f15fa0_61534b310335b21a98613225_v4UmMdCCqEs7iLeX4RkAdmHkJtCvan9lDF-HVfLURZUJ8AtWSHlFRUqrtE0r7QRgxFvoTzRrOaqrY52jpfX-CZ5OgVTPUgkpmZ2FbdsoMOVsf1xI5i-qdfJR1t4rSpKEbpEZQAv0%253Ds0.png)
What are the Steps to Receive SOC 2 Compliance?
Step 1) Bring In Credible Outside Auditors
Step 2) Select Security Criteria for Auditing
Step 3) Build a Roadmap to SOC 2 Compliance
Step 4) The Formal Audit
Step 5) Certification and Recertification - Annual Audits
What Does This Mean for ModernTax?
ModernTax recently received its SOC 2 Type 1 certification and is on the way to receiving SOC 2 Type 2 certification. This allows ModernTax to continue serving its clients and their customers with the highest level of security and protection.