Canonical Framework Canonical Frameworks Type 2

SOC 2 Type II

Full SOC 2 Type II compliance including continuous monitoring of control effectiveness over time. Extends Type I with change management, risk management, and operational effectiveness tracking. Required for enterprise sales and regulated-industry partnerships.

Regions

Global

Regulations

3 covered

Control Domains

8 domains

Deployment

Regulated SaaS, Private Cloud

Explore Talk to Sales

Regulations & Standards

AICPA SOC 2 Guide AICPA TSC 2017 SSAE 18

Control Domains

Access Control

Audit Logging

Incident Response

Data Encryption

Availability

Confidentiality

Change Management

Risk Management

Deployment Options

Regulated SaaS

Private Cloud

Get started in 3 steps

Explore the template

Click "Explore in Console" to open this template in the Keeptrusts configuration editor.

Customize policies

Adjust detection thresholds, escalation rules, and redaction patterns to match your requirements.

Deploy to your gateway

Save your configuration and deploy it to any Keeptrusts gateway — cloud, on-prem, or air-gapped.

More Canonical Frameworks templates

SOC 2 Type I

Point-in-time SOC 2 readiness with Trust Services Criteria controls.

Global

ISO/IEC 27001

International information security management system standard.

Global

ISO/IEC 42001

AI management system standard for responsible AI governance.

Global

Browse all templates