SOC 2 Type II

An audit report that verifies a SaaS vendor's security, availability, and confidentiality controls over a defined period (typically 6–12 months). SOC 2 Type II certification is often required by enterprise procurement and legal teams.