// Level 2 · Trust Categories
SOC 2 (Trust Services Criteria)
AICPA Trust Services Criteria for service organizations — five trust categories.
33 controls
Security (Common Criteria)
CC1–CC9 — controls common to all engagements: governance, risk, access, change management, monitoring.
Browse controls
3 controls
Availability
System availability for operation and use as committed.
Browse controls
5 controls
Processing Integrity
System processing is complete, valid, accurate, timely, and authorized.
Browse controls
2 controls
Confidentiality
Information designated as confidential is protected.
Browse controls
12 controls
Privacy
Personal information is collected, used, retained, disclosed, and disposed of properly.
Browse controls