SOC 2® Additional Criteria for Availability

The SOC 2 Additional Criteria for Availability Playbook addresses the following areas:

• The entity maintains, monitors, and evaluates current processing capacity and use of system components (infrastructure, data, and software) to manage capacity demand and to enable the implementation of additional capacity to help meet its objectives
• The entity authorizes, designs, develops or acquires, implements, operates, approves, maintains, and monitors environmental protections, software, data back-up processes, and recovery infrastructure to meet its objectives, and
• The entity tests recovery plan procedures supporting system recovery to meet its objectives