SOC 2 Additional Criteria for Processing Integrity

The SOC 2 Additional Criteria for Processing Integrity Playbook addresses the following areas:

• The entity obtains or generates, uses, and communicates relevant, quality information regarding the objectives related to processing, including definitions of data processed and product and service specifications, to support the use of products and services
• The entity implements policies and procedures over system inputs, including controls over completeness and accuracy, to result in products, services, and reporting to meet the entity’s objectives
• The entity implements policies and procedures over system processing to result in products, services, and reporting to meet the entity’s objectives
• The entity implements policies and procedures to make available or deliver output completely, accurately, and timely in accordance with specifications to meet the entity’s objectives, and
• The entity implements policies and procedures to store inputs, items in processing, and outputs completely, accurately, and timely in accordance with system specifications to meet the entity’s objectives