The American Institute of Certified Public Accountants (AICPA) developed and oversees the System and Organization Controls (SOC) framework. That framework is the basis for SOC 2 and its variants. Five AICPA-developed SOC Trust Services Criteria (TSC) are the foundation of the framework — Security, Availability, Processing Integrity, Confidentiality, and Privacy.
The AICPA certifies both CPAs and SOC 2 auditors. The organization was founded in the United States in 1887. It boasts more than 430,000 members in more than 130 countries.
To become a CPA, each candidate must take a stringent certification exam. They must also pass regular professional education courses to retain their certification. There are currently 669,000+ actively licensed CPAs around the globe.
SOC 2 auditors must first become CPAs. Candidates must then pass a detailed examination and commit to extensive specialized education. Those candidates must also gain a year’s worth of experience working with a CPA and commit to continuing professional training.
The AICPA also issues logos both CPAs and service organizations can use to show that they are SOC-compliant.
Trustero Compliance as a Service (CaaS) is cloud-based, easy-to-use compliance automation software. It includes multiple features designed to simplify SOC 2 audit readiness and enable continuous compliance.
For example, the Trustero platform includes auditor-approved controls and auditor-vetted policy templates. You can use these as they are, modify them as needed, and easily add your own controls. These features make audits and reports faster and easier to complete, for you and your auditor.
In addition, the Trustero solution constantly monitors your technology infrastructure and can notify administrators when an element falls out of SOC 2 compliance. Trustero CaaS also integrates with leading Software as a Service (SaaS) tools and platforms. And Trustero Compliance as a Service provides detailed reports on your infrastructure and your compliance posture, regularly and on demand. These features help you achieve and sustain continuous compliance. They also help you pass future audits with less disruption and strengthen many of your core operational processes.