supernav-iconSubscribe to our newsletter, Trusted.
HomeCompliance GlossaryWhat is a SOC Auditor?

What is a SOC Auditor?

To obtain a SOC 2 audit and report, an organization’s security measures must be reviewed and verified by a certified auditor. Only licensed CPA firms can perform a SOC 2 examination.


SOC auditors are independent CPAs who work with the SOC (System and Organization Controls) suite to evaluate and report on the controls in place at a service organization, relevant to a set of criteria known as the Trust Services Criteria: Security, Availability, Processing Integrity, Confidentiality, or Privacy. A SOC 2 auditor’s independent verification of an organization’s security systems is intended to help service organizations provide their customers and prospects with valuable information about how they manage data and information security.


Working with a CPA and certified SOC 2 auditor is a key part of obtaining a SOC 2 report.

Join the thousands of companies that trust Drata

See All Case Studies
Abnormal Logo
Airbase
BambooHR Logo
BigID Logo
Clearbit Logo
Clearco Logo
Fivetran Logo
Lemonade Logo
Notion Logo
SoFi Logo
Vercel Logo
Wordpress VIP

View Drata Glossary

Learn more about other compliance and cybersecurity concepts in our glossary.

Read More

Drata is a security and compliance automation platform that continuously monitors and collects evidence of a company’s security controls, while streamlining workflows to ensure audit-readiness.

Solutions

StartupScaleEnhanceDrata PlatformIntegrations
Frameworks
SOC 2ISO 27001HIPAAGDPRCustom FrameworksAll Frameworks
Resources
BlogWebinarsCompliance GlossaryCommunity
Company
Careers
HIRING
CustomersAuditorsPartnersPressContact Us
Trust
Security and ComplianceTrust CenterSystem Status
Become a Trusted Newsletter Insider

The latest security and compliance news, delivered.

Secured DesktopSecured Desktop

© 2022 Drata Inc. All rights reserved.

Privacy PolicyGDPRTermsDisclosure Policy