Compliance & Regulatory Tools
SOC 2 Control Reference
Search SOC 2 criteria by control code, category, or audit concept. Covers all Trust Services Criteria with Type I/II differences and common auditor focus areas.
No data is transmitted — everything runs locallyTool
About this tool
SOC 2 Control Reference
The SOC 2 Control Reference covers all Trust Services Criteria across Security, Availability, Confidentiality, Processing Integrity, and Privacy with Type I/II and bridge letter guidance.
• Look up CC6 logical access controls before an audit preparation session
• Understand Type I vs Type II difference before advising a customer on report type
• Reference CC7 monitoring requirements for a compliance gap assessment
• Find the audit period requirements before signing a SOC 2 engagement
Next step
Breach Notification Timeline Calculator — Calculate breach notification deadlines from discovery date across GDPR, HIPAA, PCI, and state laws.
Open Breach Notification Timeline Calculator →
FAQ
What does this tool tell you?
The SOC 2 Control Reference covers all Trust Services Criteria across Security, Availability, Confidentiality, Processing Integrity, and Privacy with Type I/II and bridge letter guidance.
What affects the result most?
SOC 2 Trust Services Criteria: Security (CC), Availability (A), Confidentiality (C), Processing Integrity (PI), Privacy (P). CC6: Logical and Physical Access — MFA, access reviews, least privilege — most commonly tested. CC7: System Operations — monitoring, incident response, change management.
How should I use the result?
Use this tool to orient quickly to the concepts, field names, or values you are about to look up in a full specification or vendor documentation. It summarizes the common cases; the authoritative source remains whichever standard or vendor doc defines the values themselves.