Understanding the Trust Services Criteria (TSC)

~6 min read · Tags: SOC 2, TSC, Controls

Security (Common Criteria)

Foundational requirements that apply to all other criteria: risk, policies, access, change, monitoring, incidents.

System uptime and performance aligned with commitments (e.g., SLAs), including capacity and continuity planning.

Complete, valid, accurate, timely, and authorized processing of data.

Proper classification, access, retention/disposal (Confidentiality) and personal data lifecycle (Privacy).