SOC 2

Framework

The AICPA's Trust Services Criteria report. Type I attests a point-in-time control design; Type II attests operating effectiveness over a period (typically 6–12 months).

The five Trust Services Criteria

Security (the only mandatory criterion) — Common Criteria CC1–CC9.
Availability — A1.x
Processing Integrity — PI1.x
Confidentiality — C1.x
Privacy — P1.x–P8.x

What Argitron delivers

SOC 2 evidence pack on the free Community tier. CC controls map to the same underlying control library as ISO 27001 Annex A — implement once, satisfy both. Continuous evidence collection means the auditor's request list is mostly already populated when the engagement starts.

SOC 2 starter pack on the free tier.

Up to 25 assets, forever. Production use OK.

Start free See pricing Talk to a human →