
SOC2

SOC2 is a voluntary compliance standard for service organizations, developed by the American Institute of CPAs (AICPA), which specifies how organizations should manage customer data. SOC2 can apply to service organizations in any industry; however, it is most commonly used by technology-based service organizations. Zeron provides a total of 18 controls classified under 6 categories for the SOC2 framework. The page for this module is made up of the following sections:

  • Dashboard
  • Controls
  • Policies

(This page only provides an overview. To learn more about each section in depth, please click here.)

Dashboard

An overview of the total number of controls and the percentage of those applied by the user can be seen in the ‘Dashboard’ section.


Controls

The ‘Controls’ section provides the user with more details such as implementation guidance, recommended tools and category for each of the 18 controls under this framework.


Zeron also provides a table of ‘Recent Risks’ for all the controls that have been implemented.


Policies

The ‘Policies’ section helps in tracking the implementation of the controls. It is made up of two subsections:

  • Uploaded Policies: Contains the list of controls that have been implemented to date. Used for editing or viewing the implemented controls.
  • Pending Policies: Contains the list of controls that haven’t been implemented yet. Used for implementing new controls.

Clicking on a particular control provides more information about it.


To implement a new control, go to the ‘Pending Policies’ section and click on the edit icon on the right-hand side of the control you wish to implement.


Fill in the given form to successfully implement the control.
