SOC 2 Type 2 is an auditing procedure developed by the American Institute of Certified Public Accountants (AICPA). It evaluates a service organization’s controls related to security, availability, processing integrity, confidentiality, and privacy. Unlike Type 1, which provides a snapshot at a single point in time, Type 2 involves a detailed assessment of controls over a minimum six-month period. The audit examines how effectively an organization maintains system controls and protects customer data, providing assurance to stakeholders about the organization’s commitment to robust security and operational practices.