3 Things CTO's Should Know About SOC 2 Compliance

We partnered with SecFix on this article to share the differences between ISO 27001 certification and SOC 2 completion, and how you can leverage your work from one to the other.

Interviewing auditors is a necessary step in the process as you begin your SOC exam. Here we outline some questions and considerations to help you along the way.

There is nuance to this question, and other well-meaning and very smart people that I respect might give a different answer. But within the volumes of literature that set the standards, the true answer is this: There are absolutely no control requirements for SOC 2 reports.