Which of the following is NOT a SOC 2 trust service criterion?

Prepare for the CEBS Course 3 Exam with Group Benefits Associate and Retirement Plans Associate content using flashcards and multiple choice questions. Enhance your understanding with hints and explanations for each question, ensuring you're ready for success!

Multiple Choice

Which of the following is NOT a SOC 2 trust service criterion?

Explanation:
The SOC 2 framework uses five trust service criteria: security, availability, processing integrity, confidentiality, and privacy. Data backup is an important control activity that supports continuity and recovery, but it is not itself one of the five criteria. It helps meet the criterion of availability by enabling restoration after an interruption, yet the criteria themselves are the five areas listed. So data backup is not a dedicated trust service criterion, which is why it’s the correct choice.

The SOC 2 framework uses five trust service criteria: security, availability, processing integrity, confidentiality, and privacy. Data backup is an important control activity that supports continuity and recovery, but it is not itself one of the five criteria. It helps meet the criterion of availability by enabling restoration after an interruption, yet the criteria themselves are the five areas listed. So data backup is not a dedicated trust service criterion, which is why it’s the correct choice.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy