Your security and compliance glossary

All the terms you need to know when you’re trying to get compliance audit ready, fast.

Show filters

Blogs

Events

Glossary

Guides and reports

What are the SOC Trust Services Criteria?

‍

The Trust Services Criteria (formerly Trust Services Principles) are control criteria utilized to evaluate and report on the suitability of the design and operating effectiveness of controls relevant to the Security, Availability, Processing Integrity, Confidentiality, or Privacy of an organization’s information and systems. The Trust Services Criteria are established by the Assurance Services Executive Committee (ASEC) of the American Institute of Certified Public Accountants (AICPA).

‍

The five Trust Services Criteria comprise the evaluation structure of a SOC 2 audit and report. All SOC 2 reports include the Security category; the other four categories are optional and a company may include them according to its customers’ needs and its unique business model.

‍

The Trust Services Criteria represent the framework by which organizations are evaluated for SOC 2 compliance. Of the five criteria, the Security category is required to obtain a SOC 2 audit, and many early-stage startups may choose to start the SOC 2 process with an evaluation of the Security category only.

‍

Related Terms

Additional resources you might like:

Compliance

Vanta events | Vanta

Live Demo: Automating Compliance for ISO 27001, GDPR and more with Vanta

Unlock the power of automated compliance and streamlined security workflows—join our live demo to see how Vanta can save you time, money, and help build trust with your customers.

Compliance

Vanta events | Vanta

Live Demo: Automating Compliance for SOC 2, ISO 27001, HIPAA, and More

Discover how Vanta’s automation tools can simplify compliance for SOC 2, ISO 27001, HIPAA, and more, helping you build a stronger security foundation with ease.

Compliance

Vanta events | Vanta

Live Demo: Simplify ISO 27001 and SOC 2 Compliance to Fuel Growth

See how Vanta can simplify and automate your compliance efforts, helping you scale your business while building trust with customers!

Product updates

Vanta events | Vanta

Trust is a Team Sport

Jeremy Epling (CPO at Vanta) introduces new product capabilities designed with teamwork in mind. Watch to see how Vanta can help you collaborate easily with your extended team of employees, vendors, auditors, and customers—and win together.

Compliance

Vanta events | Vanta

Live Demo: Automate compliance to fuel your startup's growth

Discover how automating compliance can streamline processes, save time, and fuel your startup’s growth.

ISO 42001

Vanta events | Vanta

Compliance for AI in Europe: Preparing for Emerging AI Laws and Regulation

Explore how ISO 42001 and the EU AI Act help your company stay compliant, secure, and ahead of evolving AI regulations with expert insights and practical strategies.

ISO 27001

Vanta events | Vanta

Live Demo: Simplify ISO 27001 and SOC 2 compliance with Vanta

See how Vanta automates up to 90% of your ISO 27001 and SOC 2 compliance work, saving you time and reducing manual effort.

Compliance

Vanta events | Vanta

Live Demo: Automating security and compliance workflows

Discover how automation, continuous monitoring, and centralized workflows can streamline your GRC program, enhance control visibility, and improve vendor and buyer security management—all within a single platform.

GRC

Vanta events | Vanta

Unlocking the ROI of GRC: The Business Value of Vanta

Discover how Vanta empowers organizations to achieve exceptional results in their Governance, Risk, and Compliance (GRC) programs.

Follow us

What are the SOC Trust Services Criteria?

Related Terms

Additional resources you might like:

Additional resources you might like:

Get compliant and build trust—fast