SOC 2 Additional Criteria for Availability

This library of SOC 2^® for Service Organizations Playbooks provides a set of fully loaded and editable templates that represent the core of what is generally required to demonstrate compliance with the 2017 Trust Services Criteria for:

Security
Availability
Processing Integrity
Confidentiality, and
Privacy

They lay out in convenient and easily usable format, the control criteria established by the Assurance Services Executive Committee (ASEC) of the AICPA for use in attestation or consulting engagements to evaluate and report on controls over the security, availability, processing integrity, confidentiality, or privacy of information and systems (a) across an entire entity; (b) at a subsidiary, division, or operating unit level; (c) within a function relevant to the entity’s operational, reporting, or compliance objectives; or (d) for a particular type of information used by the entity.

Download the Playbook

Unlock access to a wealth of information.

What is the SOC 2® Additional Criteria for Availability Playbook?

The SOC 2 Additional Criteria for Availability Playbook addresses the following areas:

The entity maintains, monitors, and evaluates current processing capacity and use of system components (infrastructure, data, and software) to manage capacity demand and to enable the implementation of additional capacity to help meet its objectives
The entity authorizes, designs, develops or acquires, implements, operates, approves, maintains, and monitors environmental protections, software, data back-up processes, and recovery infrastructure to meet its objectives, and
The entity tests recovery plan procedures supporting system recovery to meet its objectives