Service Organization Control 2 definition

Service Organization Control 2 or “SOC 2” means the internal controls in place at the third-party service organization. For a company to receive SOC 2 certification, it must have sufficient policies and strategies that satisfactorily protect the client’s data.
Sample 1Sample 2Sample 3
Service Organization Control 2 or “SOC 2” means the internal controls at the third-party service relevant to security, availability, processing integrity, confidentiality, or privacy for a company to receive SOC 2 certification, it must have sufficient policies and strategies that satisfactorily protect the client’s data.
Sample 1Sample 2Sample 3

Examples of Service Organization Control 2 in a sentence

  • If the solution is cloud based, the Contractor must obtain an annual audit that meets the American Institute of Certified Public Accountants (AICPA) Statements on Standards for Attestation Engagements (“SSAE”) No. 16, Service Organization Control 1 Type 2 and Service Organization Control 2 Type 2.

  • Okta will conform with security protocols which are further described in Okta’s most recently completed Service Organization Control 2 (SOC 2) audit reports or other similar independent third-party annual audit report (“Audit Report”).

  • The data importer also regularly undergoes Service Organization Control 2 (SOC 2) Type II audits.

  • Such Security Program will conform with the Okta security protocols which are further described in Okta’s most recently completed Service Organization Control 2 (SOC 2) audit reports or other similar independent third party annual audit report (“Audit Report”).

  • Such security program will conform to the Security Exhibit attached as Exhibit A, and is further described the most recent Service Organization Control 2 (SOC2 Type II) (or substantially similar industry standard report).

  • Assessment scope may vary based on classification(s), and may include review of standardized assessment reports, such as Service Organization Control 2 (SOC 2) and Payment Card Industry (PCI) Attestation of Compliance (AoC), customized questionnaires, or other appropriately rigorous processes.

  • A SOC-2 Report (or agreed upon equivalent), more formally known as Service Organization Control 2 Report, reports on a vendor’s organizational controls related to security, availability, processing integrity, confidentiality, or privacy.

  • Zadara has completed Service Organization Control 2 (SOC 2) Type II and ISO 27001 audits for the Services, which were conducted by an independent auditor that evaluated the design and effectiveness of Zadara security policies, procedures, and controls.

  • DPH requires review of the providers most recent Service Organization Control 2 Report (“SOC 2 Type II Audit”), HIPAA Controls Assessment Summary and PCI-DSS Audit.

  • If the solution is cloud based, the Contractor must obtain an annual audit that meets the American Institute of Certified Public Accountants (AICPA) Statements on Standards for Attestation Engagements (“SSAE”) No. 16,Service Organization Control 1 Type 2 and Service Organization Control 2 Type 2.

Related to Service Organization Control 2

  • Health maintenance organization means a person licensed pursuant to Chapter 43 (§ 38.2-4300 et

  • Member organization means any individual, corporation, limited liability company, partnership, or association that belongs to an association.

  • Managed care organization means an entity that (1) is under contract with the department to provide services to Medicaid recipients and (2) meets the definition of “health maintenance organization” as defined in Iowa Code section 514B.1.

  • Community-based organization means a public or private nonprofit organization that is representative of a community or a significant segment of a community, and is engaged in meeting human, educational, environmental, or public safety community needs.

  • Regional economic integration organization means an organization constituted by sovereign States of a given region to which its member States have transferred competence in respect of matters governed by this Convention and which has been duly authorized, in accordance with its internal procedures, to sign, ratify, accept, approve or accede to this Convention;