Content library
SOC 2

Requirements included in the framework

Policy
Linked frameworks
Framework
Tasks
Evaluation of current processing capacity
A1.1
SOC 2 (Systems and Organization Controls)
2
Recovery of infrastructure according to objectives
A1.2
SOC 2 (Systems and Organization Controls)
10
Testing of recovery plans
A1.3
SOC 2 (Systems and Organization Controls)
2
Identification and maintainment of confidental information
C1.1
SOC 2 (Systems and Organization Controls)
3
Disposal of confidental information
C1.2
SOC 2 (Systems and Organization Controls)
2
Management commitment
CC1.1
SOC 2 (Systems and Organization Controls)
4
Board of directors oversight
CC1.2
SOC 2 (Systems and Organization Controls)
1
Established responsibilities
CC1.3
SOC 2 (Systems and Organization Controls)
3
Competence of personnel
CC1.4
SOC 2 (Systems and Organization Controls)
5
Accountability for responsibilities
CC1.5
SOC 2 (Systems and Organization Controls)
4
Quality information to support internal controls
CC2.1
SOC 2 (Systems and Organization Controls)
4
Internal communication of information
CC2.2
SOC 2 (Systems and Organization Controls)
8
Communication with external parties
CC2.3
SOC 2 (Systems and Organization Controls)
7
Sufficient specifying of objectives
CC3.1
SOC 2 (Systems and Organization Controls)
5
Identification of risks related to objectives
CC3.2
SOC 2 (Systems and Organization Controls)
6
Potential of fraud is considered
CC3.3
SOC 2 (Systems and Organization Controls)
1
Identification and assesment of changes
CC3.4
SOC 2 (Systems and Organization Controls)
5
Security - Monitoring activities
CC4
SOC 2 (Systems and Organization Controls)
1
Evaluation of internal controls
CC4.1
SOC 2 (Systems and Organization Controls)
7
Evaluation and communication of internal control deficiencies
CC4.2
SOC 2 (Systems and Organization Controls)
3
Control activities for mitigation of risks
CC5.1
SOC 2 (Systems and Organization Controls)
4
Control activities for achievement of objectives
CC5.2
SOC 2 (Systems and Organization Controls)
2
Establishment of policies
CC5.3
SOC 2 (Systems and Organization Controls)
3
Identification and listing of assets
CC6.1a
SOC 2 (Systems and Organization Controls)
6

Universal cyber compliance language model: Comply with confidence and least effort

In Cyberday, all frameworks’ requirements are mapped into universal tasks, so you achieve multi-framework compliance effortlessly.

Security frameworks tend to share the common core. All frameworks cover basic topics like risk management, backup, malware, personnel awareness or access management in their respective sections.
Cyberday’s universal cyber security language technology creates you a single security plan and ensures you implement the common parts of frameworks just once. You focus on implementing your plan, we automate the compliance part - for current and upcoming frameworks.
Start your free trial