{"id":10274,"date":"2025-10-07T19:02:04","date_gmt":"2025-10-08T02:02:04","guid":{"rendered":"https:\/\/sqccert.com.vn\/?p=10274"},"modified":"2026-04-02T00:31:40","modified_gmt":"2026-04-02T07:31:40","slug":"5-principles-of-soc-2","status":"publish","type":"post","link":"https:\/\/sqccert.com.vn\/en\/5-principles-of-soc-2\/","title":{"rendered":"5 Principles of SOC 2 &#8211; Risk Control Reporting System"},"content":{"rendered":"<p style=\"text-align: justify;\"><strong>When it comes to information security, trust is the most valuable asset. With SOC 2, that trust is built on the five Trust Service Criteria &#8211; the foundation of the entire assessment and compliance process. Let\u2019s explore these five core principles of SOC 2 with SQC Certification to protect data and reinforce credibility.<\/strong><\/p>\n<hr \/>\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_74 counter-hierarchy ez-toc-counter ez-toc-grey ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 eztoc-toggle-hide-by-default' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/sqccert.com.vn\/en\/5-principles-of-soc-2\/#Introduction_to_SOC_2\" >Introduction to SOC 2<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/sqccert.com.vn\/en\/5-principles-of-soc-2\/#Types_of_SOC_2_Reports\" >Types of SOC 2 Reports<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/sqccert.com.vn\/en\/5-principles-of-soc-2\/#SOC_2_Type_I\" >SOC 2 Type I:<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/sqccert.com.vn\/en\/5-principles-of-soc-2\/#SOC_2_Type_II\" >SOC 2 Type II:<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/sqccert.com.vn\/en\/5-principles-of-soc-2\/#5_Core_Principles_of_SOC_2\" >5 Core Principles of SOC 2<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/sqccert.com.vn\/en\/5-principles-of-soc-2\/#1_Security_%E2%80%93_Mandatory\" >1. Security \u2013 Mandatory<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/sqccert.com.vn\/en\/5-principles-of-soc-2\/#2_Availability\" >2. Availability<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/sqccert.com.vn\/en\/5-principles-of-soc-2\/#3_Confidentiality\" >3. Confidentiality<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/sqccert.com.vn\/en\/5-principles-of-soc-2\/#Some_control_measures_commonly_applied_to_this_principle_include\" >Some control measures commonly applied to this principle include:<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-10\" href=\"https:\/\/sqccert.com.vn\/en\/5-principles-of-soc-2\/#4_Processing_Integrity\" >4. Processing Integrity<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-11\" href=\"https:\/\/sqccert.com.vn\/en\/5-principles-of-soc-2\/#5_Privacy\" >5. Privacy<\/a><\/li><\/ul><\/nav><\/div>\n<h2 style=\"text-align: justify;\"><span class=\"ez-toc-section\" id=\"Introduction_to_SOC_2\"><\/span><span style=\"color: #333399;\">Introduction to SOC 2<\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">SOC 2 stands for <\/span><i><span style=\"font-weight: 400;\">Service Organization Control 2<\/span><\/i><span style=\"font-weight: 400;\">, a framework developed by the American Institute of Certified Public Accountants (AICPA). It is designed to evaluate how service organizations manage and protect customer data.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Unlike SOC 1 (which focuses on financial reporting), SOC 2 emphasizes information security and internal controls.<\/span><\/p>\n<h2 style=\"text-align: justify;\"><span class=\"ez-toc-section\" id=\"Types_of_SOC_2_Reports\"><\/span><span style=\"color: #333399;\">Types of SOC 2 Reports<\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<h3><span class=\"ez-toc-section\" id=\"SOC_2_Type_I\"><\/span><span style=\"color: #333399;\">SOC 2 Type I:<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Evaluates the design of controls at a specific point in time (whether adequate controls are in place).<\/p>\n<h3><span class=\"ez-toc-section\" id=\"SOC_2_Type_II\"><\/span><span style=\"color: #333399;\">SOC 2 Type II:<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Assesses the operational effectiveness of those controls over a period (typically 6\u201312 months). This is the report most clients and partners request because of higher assurance.<\/p>\n<hr \/>\n<h2 style=\"text-align: justify;\"><span class=\"ez-toc-section\" id=\"5_Core_Principles_of_SOC_2\"><\/span><span style=\"color: #333399;\">5 Core Principles of SOC 2<\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">The focus of the SOC 2 standard is the 5 core principles of SOC 2, which include: Security, Availability, Confidentiality, Processing Integrity, and Privacy. These form the foundation for the SOC 2 framework and its corresponding controls.<\/span><\/p>\n<h3 style=\"text-align: justify;\"><span class=\"ez-toc-section\" id=\"1_Security_%E2%80%93_Mandatory\"><\/span><span style=\"color: #333399;\">1. Security \u2013 <i>Mandatory<\/i><\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Among the five principles, <\/span><b>Security <\/b><span style=\"font-weight: 400;\">is the \u201cbackbone\u201d and is required for all organizations. It focuses on protecting data throughout its entire lifecycle &#8211; from creation, usage, processing, and transmission to storage.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">The goal is to ensure that data does not fall into the wrong hands and is protected against threats such as: unauthorized access, cyberattacks, data alteration or destruction.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">To achieve this, organizations typically implement multiple layers of protection, including: access controls, firewalls, anti-malware software, intrusion detection systems. Importantly, effective implementation requires close collaboration across teams &#8211; from IT and operations to senior management.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">With this principle, SOC 2 helps organizations demonstrate that:<\/span><span style=\"font-weight: 400;\"><br \/>\n<\/span><span style=\"font-weight: 400;\"> \u201cYour data is secure under all circumstances.\u201d<\/span><\/p>\n<h3 style=\"text-align: justify;\"><span class=\"ez-toc-section\" id=\"2_Availability\"><\/span><span style=\"color: #333399;\">2. Availability<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">This principle focuses on ensuring that systems remain operational, stable, and meet committed performance levels. To achieve this, organizations need to implement measures such as: network performance monitoring, disaster recovery plans, regular data backups, business continuity strategies<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Availability also covers how an organization responds to security incidents in order to minimize service disruption. This is especially important if the customers care about <\/span><b>downtime <\/b><span style=\"font-weight: 400;\">and system reliability.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">With the advantages of cloud computing, many organizations today can meet this requirement more easily through automation tools and redundancy solutions.<\/span><\/p>\n<h3 style=\"text-align: justify;\"><span class=\"ez-toc-section\" id=\"3_Confidentiality\"><\/span><span style=\"color: #333399;\">3. Confidentiality<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">This principle focuses on protecting confidential information throughout its entire lifecycle &#8211; from creation and storage to usage and deletion. Such data typically includes: intellectual property, financial information, sensitive business details defined in customer contracts.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">To meet this requirement, organizations must establish proper access controls, ensuring that only authorized individuals or entities can access or use the data. If your company stores data under NDA agreements or commits to deleting data after service termination, Confidentiality should be included in your SOC 2 scope.<\/span><\/p>\n<hr \/>\n<h2 style=\"text-align: justify;\"><span class=\"ez-toc-section\" id=\"Some_control_measures_commonly_applied_to_this_principle_include\"><\/span><span style=\"font-weight: 400; color: #333399;\">Some control measures commonly applied to this principle include:<\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<ul style=\"text-align: justify;\">\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Data encryption<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Access control and authorization systems<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Network or application firewalls<\/span><\/li>\n<\/ul>\n<h2 style=\"text-align: justify;\"><span class=\"ez-toc-section\" id=\"4_Processing_Integrity\"><\/span><span style=\"color: #333399;\">4. Processing Integrity<\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">This principle ensures that data is processed accurately, completely, in a timely manner, and consistently. In other words, systems must perform exactly as intended and produce reliable results.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">This is particularly critical for organizations handling sensitive customer data, such as financial transactions. To meet this principle, organizations can implement measures such as:<\/span><\/p>\n<ul style=\"text-align: justify;\">\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Monitoring and validation of data processing workflows<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Quality assurance (QA) procedures<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">SOC tools to detect anomalies in processing<\/span><\/li>\n<\/ul>\n<h2 style=\"text-align: justify;\"><span class=\"ez-toc-section\" id=\"5_Privacy\"><\/span><span style=\"color: #333399;\">5. Privacy<\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">This principle emphasizes protecting customers\u2019 <\/span><b>Personally Identifiable Information (PII)<\/b><span style=\"font-weight: 400;\"> from misuse, leakage, or unauthorized access. Unlike Confidentiality &#8211; which applies to various types of sensitive data &#8211; Privacy focuses specifically on personal data.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">To comply, organizations need to:<\/span><\/p>\n<ul style=\"text-align: justify;\">\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Enforce strict access controls<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Implement multi-factor authentication (MFA)<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Encrypt personal data<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Be transparent with customers about how their data is collected, used, and shared<\/span><\/li>\n<\/ul>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">This principle is especially important for organizations managing large volumes of personal data such as: medical records, identity information, dates of birth, social security numbers<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Each of these criteria focuses on a specific area within your information security program. Together, they define the compliance objectives that your organization must meet under SOC 2 through appropriate controls.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Achieving SOC 2 certification demonstrates that your organization meets rigorous standards for security, reliability, and privacy, helping you build strong trust with customers and partners.<\/span><\/p>\n<hr \/>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Let SQC Certification Vietnam help your business achieve international standards professionally and sustainably.<\/span><\/p>\n<ul>\n<li style=\"text-align: justify;\"><span style=\"font-weight: 400;\"><strong>Hotline:<\/strong> <strong><span style=\"color: #ed1c24;\">0936396611<\/span><\/strong><\/span><\/li>\n<li style=\"text-align: justify;\"><strong>Website:<span style=\"color: #333399;\"> https:\/\/sqccert.com.vn\/<\/span><\/strong><\/li>\n<li style=\"text-align: justify;\"><span style=\"font-weight: 400;\"><strong>REGISTER NOW:<\/strong><span style=\"color: #333399;\"> https:\/\/forms.gle\/ydn9rzk5H7jrrf9g9<\/span><\/span><\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>When it comes to information security, trust is the most valuable asset. With SOC 2, that trust is built on the five Trust Service Criteria &#8211; the foundation of the entire assessment and compliance process. Let\u2019s explore these five core principles of SOC 2 with SQC Certification to protect data and reinforce credibility. Introduction to [&#8230;]\n","protected":false},"author":3,"featured_media":9239,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[9],"tags":[],"class_list":["post-10274","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v25.0 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>5 Principles of SOC 2 - Risk Control Reporting System - SQC Certification Vietnam<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/sqccert.com.vn\/en\/5-principles-of-soc-2\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"5 Principles of SOC 2 - Risk Control Reporting System - SQC Certification Vietnam\" \/>\n<meta property=\"og:description\" content=\"When it comes to information security, trust is the most valuable asset. With SOC 2, that trust is built on the five Trust Service Criteria &#8211; the foundation of the entire assessment and compliance process. Let\u2019s explore these five core principles of SOC 2 with SQC Certification to protect data and reinforce credibility. Introduction to [...]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/sqccert.com.vn\/en\/5-principles-of-soc-2\/\" \/>\n<meta property=\"og:site_name\" content=\"SQC Certification Vietnam\" \/>\n<meta property=\"article:published_time\" content=\"2025-10-08T02:02:04+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-04-02T07:31:40+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/sqccert.com.vn\/wp-content\/uploads\/2025\/10\/5-nguyen-tac-cot-loi-cua-soc-2-3.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"700\" \/>\n\t<meta property=\"og:image:height\" content=\"477\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/webp\" \/>\n<meta name=\"author\" content=\"Tung Tung\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Tung Tung\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/sqccert.com.vn\/en\/5-principles-of-soc-2\/\",\"url\":\"https:\/\/sqccert.com.vn\/en\/5-principles-of-soc-2\/\",\"name\":\"5 Principles of SOC 2 - Risk Control Reporting System - SQC Certification Vietnam\",\"isPartOf\":{\"@id\":\"https:\/\/sqccert.com.vn\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/sqccert.com.vn\/en\/5-principles-of-soc-2\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/sqccert.com.vn\/en\/5-principles-of-soc-2\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/sqccert.com.vn\/wp-content\/uploads\/2025\/10\/5-nguyen-tac-cot-loi-cua-soc-2-3.webp\",\"datePublished\":\"2025-10-08T02:02:04+00:00\",\"dateModified\":\"2026-04-02T07:31:40+00:00\",\"author\":{\"@id\":\"https:\/\/sqccert.com.vn\/#\/schema\/person\/918b77e4d5397fbeca67a4602a0e7069\"},\"breadcrumb\":{\"@id\":\"https:\/\/sqccert.com.vn\/en\/5-principles-of-soc-2\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/sqccert.com.vn\/en\/5-principles-of-soc-2\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/sqccert.com.vn\/en\/5-principles-of-soc-2\/#primaryimage\",\"url\":\"https:\/\/sqccert.com.vn\/wp-content\/uploads\/2025\/10\/5-nguyen-tac-cot-loi-cua-soc-2-3.webp\",\"contentUrl\":\"https:\/\/sqccert.com.vn\/wp-content\/uploads\/2025\/10\/5-nguyen-tac-cot-loi-cua-soc-2-3.webp\",\"width\":700,\"height\":477,\"caption\":\"5 nguy\u00ean t\u1eafc c\u1ee7a SOC 2\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/sqccert.com.vn\/en\/5-principles-of-soc-2\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/sqccert.com.vn\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"5 Principles of SOC 2 &#8211; Risk Control Reporting System\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/sqccert.com.vn\/#website\",\"url\":\"https:\/\/sqccert.com.vn\/\",\"name\":\"SQC Certification Vietnam\",\"description\":\"Your trully partner\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/sqccert.com.vn\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/sqccert.com.vn\/#\/schema\/person\/918b77e4d5397fbeca67a4602a0e7069\",\"name\":\"Tung Tung\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/sqccert.com.vn\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/024571f4888b998ecd8c93310706c78ca3c86be71f91964700e54e21c8534c3a?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/024571f4888b998ecd8c93310706c78ca3c86be71f91964700e54e21c8534c3a?s=96&d=mm&r=g\",\"caption\":\"Tung Tung\"},\"url\":\"https:\/\/sqccert.com.vn\/en\/author\/tung\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"5 Principles of SOC 2 - Risk Control Reporting System - SQC Certification Vietnam","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/sqccert.com.vn\/en\/5-principles-of-soc-2\/","og_locale":"en_US","og_type":"article","og_title":"5 Principles of SOC 2 - Risk Control Reporting System - SQC Certification Vietnam","og_description":"When it comes to information security, trust is the most valuable asset. With SOC 2, that trust is built on the five Trust Service Criteria &#8211; the foundation of the entire assessment and compliance process. Let\u2019s explore these five core principles of SOC 2 with SQC Certification to protect data and reinforce credibility. Introduction to [...]","og_url":"https:\/\/sqccert.com.vn\/en\/5-principles-of-soc-2\/","og_site_name":"SQC Certification Vietnam","article_published_time":"2025-10-08T02:02:04+00:00","article_modified_time":"2026-04-02T07:31:40+00:00","og_image":[{"width":700,"height":477,"url":"https:\/\/sqccert.com.vn\/wp-content\/uploads\/2025\/10\/5-nguyen-tac-cot-loi-cua-soc-2-3.webp","type":"image\/webp"}],"author":"Tung Tung","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Tung Tung","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/sqccert.com.vn\/en\/5-principles-of-soc-2\/","url":"https:\/\/sqccert.com.vn\/en\/5-principles-of-soc-2\/","name":"5 Principles of SOC 2 - Risk Control Reporting System - SQC Certification Vietnam","isPartOf":{"@id":"https:\/\/sqccert.com.vn\/#website"},"primaryImageOfPage":{"@id":"https:\/\/sqccert.com.vn\/en\/5-principles-of-soc-2\/#primaryimage"},"image":{"@id":"https:\/\/sqccert.com.vn\/en\/5-principles-of-soc-2\/#primaryimage"},"thumbnailUrl":"https:\/\/sqccert.com.vn\/wp-content\/uploads\/2025\/10\/5-nguyen-tac-cot-loi-cua-soc-2-3.webp","datePublished":"2025-10-08T02:02:04+00:00","dateModified":"2026-04-02T07:31:40+00:00","author":{"@id":"https:\/\/sqccert.com.vn\/#\/schema\/person\/918b77e4d5397fbeca67a4602a0e7069"},"breadcrumb":{"@id":"https:\/\/sqccert.com.vn\/en\/5-principles-of-soc-2\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/sqccert.com.vn\/en\/5-principles-of-soc-2\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/sqccert.com.vn\/en\/5-principles-of-soc-2\/#primaryimage","url":"https:\/\/sqccert.com.vn\/wp-content\/uploads\/2025\/10\/5-nguyen-tac-cot-loi-cua-soc-2-3.webp","contentUrl":"https:\/\/sqccert.com.vn\/wp-content\/uploads\/2025\/10\/5-nguyen-tac-cot-loi-cua-soc-2-3.webp","width":700,"height":477,"caption":"5 nguy\u00ean t\u1eafc c\u1ee7a SOC 2"},{"@type":"BreadcrumbList","@id":"https:\/\/sqccert.com.vn\/en\/5-principles-of-soc-2\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/sqccert.com.vn\/en\/"},{"@type":"ListItem","position":2,"name":"5 Principles of SOC 2 &#8211; Risk Control Reporting System"}]},{"@type":"WebSite","@id":"https:\/\/sqccert.com.vn\/#website","url":"https:\/\/sqccert.com.vn\/","name":"SQC Certification Vietnam","description":"Your trully partner","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/sqccert.com.vn\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/sqccert.com.vn\/#\/schema\/person\/918b77e4d5397fbeca67a4602a0e7069","name":"Tung Tung","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/sqccert.com.vn\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/024571f4888b998ecd8c93310706c78ca3c86be71f91964700e54e21c8534c3a?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/024571f4888b998ecd8c93310706c78ca3c86be71f91964700e54e21c8534c3a?s=96&d=mm&r=g","caption":"Tung Tung"},"url":"https:\/\/sqccert.com.vn\/en\/author\/tung\/"}]}},"views":9,"jetpack_featured_media_url":"https:\/\/sqccert.com.vn\/wp-content\/uploads\/2025\/10\/5-nguyen-tac-cot-loi-cua-soc-2-3.webp","_links":{"self":[{"href":"https:\/\/sqccert.com.vn\/en\/wp-json\/wp\/v2\/posts\/10274","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sqccert.com.vn\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sqccert.com.vn\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sqccert.com.vn\/en\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/sqccert.com.vn\/en\/wp-json\/wp\/v2\/comments?post=10274"}],"version-history":[{"count":0,"href":"https:\/\/sqccert.com.vn\/en\/wp-json\/wp\/v2\/posts\/10274\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sqccert.com.vn\/en\/wp-json\/wp\/v2\/media\/9239"}],"wp:attachment":[{"href":"https:\/\/sqccert.com.vn\/en\/wp-json\/wp\/v2\/media?parent=10274"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sqccert.com.vn\/en\/wp-json\/wp\/v2\/categories?post=10274"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sqccert.com.vn\/en\/wp-json\/wp\/v2\/tags?post=10274"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}