A security questionnaire is a tool that an enterprise may circulate to service organizations to evaluate and validate an organization’s security practices before choosing to do business with that organization. Each enterprise seeking information about a company’s security practices may develop its own security questionnaire.

Obtaining a SOC 2 audit and report can offer a service organization the opportunity to get out ahead of lengthy customized security questionnaires answered on a customer-by-customer basis, by producing a single standardized assessment and documentation of the organization’s verified security practices.