Aguardic
Trust Services Criteria

SOC 2 Compliance for AI Systems. Continuous Evidence.

SOC 2 audits require evidence that controls are in place and operating across the Trust Services Criteria in scope: Security (the Common Criteria, required in every report) plus whichever of Availability, Processing Integrity, Confidentiality and Privacy you include. Aguardic maps your AI governance policies to the Trust Services Criteria and generates audit evidence automatically.

Pre-built SOC 2 policy pack — 4 policies, 12 enforceable rules

Policies mapped to Trust Services Criteria (CC6–CC8 and C1)

Continuous evidence generation — always audit-ready

14-day free trial · No credit card · Free SOC 2 policy pack

Requirements Coverage

SOC 2 Coverage Matrix

No single tool covers every requirement. Here's exactly what Aguardic covers and what you'll need alongside us.

Coverage summary: 4 Covered · 2 Partial · 3 Not Covered · 9 criteria total

CC6.1 — Logical Access Security

Implement logical access security over information assets

Covered

Policy enforcement gates which users, systems, and AI models can access sensitive data. Integration-level policies control data flow across all connected tools.

Evidence: Access policy evaluation logs, integration access records

CC6.2 — User Registration and Authorization

Register and authorize new users before issuing credentials and granting access; remove credentials when access is no longer authorized

Not Covered

Requires an identity provider with user lifecycle management and MFA (e.g., Okta, Microsoft Entra ID, formerly Azure AD). Aguardic enforces post-authentication policies; it does not register, authenticate or deprovision users.

CC6.3 — Access Authorization

Authorize, modify and remove access to data, software and functions based on roles and responsibilities, applying least privilege and segregation of duties

Partial

Policies enforce role-based and context-based access to AI systems and their outputs. Does not manage the underlying authorization infrastructure (role definitions, group membership, periodic access reviews).

Evidence: Policy evaluation logs with authorization context

CC7.1 — Vulnerability Management

Detect and monitor security vulnerabilities in system components

Not Covered

Requires vulnerability scanning tools (e.g., Snyk, Dependabot). Aguardic governs AI behavior, not infrastructure security.

CC7.2 — Anomaly Detection

Monitor system components for anomalies indicative of malicious acts or errors

Covered

Continuous policy evaluation across AI outputs detects anomalous behavior, policy violations, and suspicious patterns, and alerts on violations in real time. This monitors the AI layer; anomaly detection for hosts, networks and other infrastructure components still needs your existing monitoring stack.

Evidence: Violation alerts, anomaly detection logs, trend reports

CC7.3 — Security Incident Response

Evaluate detected events and respond to identified security incidents

Partial

Enforcement modes (Block/Warn/Escalate) provide automated incident response for policy violations. Does not replace a full incident response plan or team.

Evidence: Enforcement action logs, escalation records

CC8.1 — Change Management

Authorize, design, develop, configure, document, test, approve, and implement changes

Covered

Policy versioning tracks all changes with timestamps and audit trail. VCS integration enforces code review policies. Every policy change is logged.

Evidence: Policy version history, change approval logs, VCS evaluation records

C1.1 — Confidentiality Commitments

Protect confidential information as committed or agreed

Covered

Content scanning policies detect and block sensitive data leakage through AI outputs, document sharing, email, and messaging. Enforcement prevents exposure before it happens.

Evidence: Data leakage prevention logs, blocked disclosure records
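Added example (not Aguardic's code, and not its evidence schema): a minimal policy evaluator that shows the two mechanisms the CC7.3 and C1.1 rows above rely on, Block/Warn/Escalate enforcement modes and content scanning of AI output for sensitive data, emitting one evidence record per finding. The rule names, the enforcement semantics, the evidence fields and the sample outputs are all this example's assumptions.

```python
import json
import re
from dataclasses import dataclass, asdict
from datetime import datetime, timezone
from enum import Enum
from typing import Callable, List, Optional, Tuple


class Mode(str, Enum):
    """Enforcement modes. The semantics are this example's assumption."""
    BLOCK = "block"        # withhold the output entirely
    ESCALATE = "escalate"  # withhold pending human review
    WARN = "warn"          # deliver the output, but record the finding


SEVERITY = {Mode.BLOCK: 3, Mode.ESCALATE: 2, Mode.WARN: 1}
ACTION = {Mode.BLOCK: "blocked", Mode.ESCALATE: "escalated", Mode.WARN: "warned"}


def luhn_ok(digits: str) -> bool:
    """Luhn checksum, so order numbers and random digit runs are not reported
    as card numbers (a false positive would block a harmless answer)."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


@dataclass
class Rule:
    rule_id: str
    criterion: str                 # Trust Services Criteria reference
    pattern: "re.Pattern[str]"
    mode: Mode
    validate: Optional[Callable[[str], bool]] = None  # post-match check


# Hypothetical rule set for this example (not the Aguardic policy pack).
RULES: List[Rule] = [
    Rule("dlp-card-number", "C1.1",
         re.compile(r"\b(?:\d[ -]?){12,15}\d\b"), Mode.BLOCK,
         validate=lambda m: luhn_ok(re.sub(r"[ -]", "", m))),
    Rule("dlp-aws-access-key", "C1.1",
         re.compile(r"\bAKIA[0-9A-Z]{16}\b"), Mode.ESCALATE),
    Rule("dlp-email-address", "C1.1",
         re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b"), Mode.WARN),
]


@dataclass
class Evidence:
    """One evidence record per finding. Field names are this example's."""
    timestamp: str
    rule_id: str
    criterion: str
    mode: str
    action: str
    actor: str
    match_preview: str  # redacted so the evidence log does not leak the data


def redact(s: str) -> str:
    """Keep a short prefix for triage, mask the rest."""
    return s[:4] + "*" * (len(s) - 4) if len(s) > 4 else "****"


def evaluate(output: str, actor: str, rules: List[Rule] = RULES) -> Tuple[str, List[Evidence]]:
    """Scan one AI output against the rules. Returns the text actually delivered
    to the caller and the evidence records; the most severe mode wins."""
    records: List[Evidence] = []
    worst: Optional[Mode] = None
    now = datetime.now(timezone.utc).isoformat()
    for rule in rules:
        for m in rule.pattern.finditer(output):
            hit = m.group(0)
            if rule.validate is not None and not rule.validate(hit):
                continue
            records.append(Evidence(now, rule.rule_id, rule.criterion, rule.mode.value,
                                    ACTION[rule.mode], actor, redact(hit)))
            if worst is None or SEVERITY[rule.mode] > SEVERITY[worst]:
                worst = rule.mode
    if worst is Mode.BLOCK:
        return "[output withheld: policy violation]", records
    if worst is Mode.ESCALATE:
        return "[output held for review]", records
    return output, records


def export_evidence(records: List[Evidence]) -> str:
    """JSON Lines export, one record per line, for hand-off to an auditor."""
    return "\n".join(json.dumps(asdict(r)) for r in records)


if __name__ == "__main__":
    # Constructed sample outputs (not real data).
    for text in ["Your card 4111 1111 1111 1111 is on file.",
                 "Order 1234 5678 9012 3456 shipped.",
                 "Contact alice@example.com; key AKIAIOSFODNN7EXAMPLE."]:
        delivered, recs = evaluate(text, actor="assistant-v1")
        print(delivered)
        print(export_evidence(recs))
```

Two design points matter for an audit. The Luhn check is what keeps an order number from being blocked and logged as a card number, so the evidence log reflects real findings rather than regex noise. And the record stores a redacted preview, because an evidence export that reproduces the leaked secret is itself a confidentiality failure; a production evaluator would go further and write records to append-only or signed storage so the evidence is tamper-evident.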

C1.2 — Confidential Information Disposal

Dispose of confidential information to meet commitments

Not Covered

Requires data lifecycle management tools. Aguardic prevents leakage but does not manage data retention or disposal.

Browse SOC 2 Policy Pack

Coverage mappings are based on Aguardic's current product capabilities mapped to SOC 2 Trust Services Criteria. These mappings should be validated with your auditor for your specific SOC 2 engagement.

Trust Services Criteria

SOC 2 Controls That Cover Your AI Systems

CC6 — Logical Access

Control who and what can access AI systems and their outputs. Enforce policies on data access, model queries, and output sharing.

CC7 — System Operations

Monitor AI system operations, detect anomalies, and enforce operational policies. Track model performance and availability.

CC8 — Change Management

Track changes to AI models, policies, prompts, and configurations with full audit trail. Document every modification.

Confidentiality

Prevent sensitive data leakage through AI outputs and document sharing. Detect and block confidential information in real time.

Does This Apply to You?

SOC 2 Is Table Stakes for Enterprise AI

SaaS & Technology

  • B2B SaaS vendors where SOC 2 is table stakes for enterprise sales
  • AI startups building products that process customer data
  • Cloud platforms integrating AI capabilities into existing services

Finance & Healthcare Tech

  • Fintech companies using AI for risk scoring, fraud detection, or credit decisions
  • Healthtech platforms processing sensitive data through AI models
  • Any company where customers require SOC 2 reports before signing

If your customers ask for a SOC 2 report and AI components are part of the system described in that report, your auditor will expect to see controls over those components, not just over the surrounding infrastructure.

Get Compliant in Three Steps

From Zero to SOC 2 Evidence

Step 1

Install the SOC 2 Policy Pack

One-click install. 4 policies with 12 rules mapped to Trust Services Criteria.

Browse in Marketplace

Step 2

Connect Your Systems

Link AI tools, code repos, messaging, and storage. OAuth into 16 integrations.

Step 3

Generate Continuous Evidence

Every evaluation logged with full context. Export audit evidence on demand.

Already have internal SOC 2 policies? Upload them and extract enforceable rules automatically.

Start Generating SOC 2 Evidence Today

Install the SOC 2 policy pack, connect your AI systems, and get continuous audit evidence from day one.

Start Free Trial

14-day free trial · No credit card · Free SOC 2 policy pack
