Effective on September 30, 2025
Effective on September 30, 2025
CCG System and Organization Controls (SOC) Reports are the result of independent third-party audits that examine how CCG achieves key compliance controls and objectives. The CCG SOC 2 Security Type II report will help you and your auditors understand the CCG controls established to support data security, availability, confidentiality, privacy, and processing integrity.
CCG System and Organization Controls (SOC) Reports are the result of independent third-party audits that examine how CCG achieves key compliance controls and objectives. The CCG SOC 2 Security Type II report will help you and your auditors understand the CCG controls established to support data security, availability, confidentiality, privacy, and processing integrity.
What is SOC 2?
SOC 2 is an auditing procedure designed to ensure that service providers securely manage data to protect the interests of your organization and the privacy of its clients. Developed by the American Institute of CPAs (AICPA), SOC 2 defines criteria for managing customer data based on five Trust Service Principles.
What is SOC 2?
What is SOC 2?
SOC 2 is an auditing procedure designed to ensure that service providers securely manage data to protect the interests of your organization and the privacy of its clients. Developed by the American Institute of CPAs (AICPA), SOC 2 defines criteria for managing customer data based on five Trust Service Principles.
SOC 2 is an auditing procedure designed to ensure that service providers securely manage data to protect the interests of your organization and the privacy of its clients. Developed by the American Institute of CPAs (AICPA), SOC 2 defines criteria for managing customer data based on five Trust Service Principles.
Trust Service Principles
Trust Service Principles
Security
The system is protected against unauthorized access, both physical and logical.
Availability
The system is available for operation and use as committed or agreed.
Processing integrity
System processing is complete, accurate, timely, and authorized.
Confidentiality
Information designated as confidential is protected as committed or agreed.
Privacy
personal information is collected, used, retained, disclosed, and destroyed in line with the entity’s privacy notice and Generally Accepted Privacy Principles.
Security
The system is protected against unauthorized access, both physical and logical.
Availability
The system is available for operation and use as committed or agreed.
Processing integrity
System processing is complete, accurate, timely, and authorized.
Confidentiality
Information designated as confidential is protected as committed or agreed.
Privacy
personal information is collected, used, retained, disclosed, and destroyed in line with the entity’s privacy notice and Generally Accepted Privacy Principles.
A SOC 2 report comes in two formats
What is CCG SOC 2 report?
CCG has a SOC 2 Type II report. The report describes CCG’s security controls and examines the suitability and effectiveness of those controls in meeting the AICPA Trust Service Principles. It provides an independent assessment of how well CCG manages data with respect to data security, availability, confidentiality, privacy, and processing integrity.
A SOC 2 report comess in two formats
Type I
Measures policies and procedures in place at a specific point in time.
Type II
Measures the effectiveness of policies and procedures as operated over a defined period.
Type I
Measures policies and procedures in place at a specific point in time.
Type II
Measures the effectiveness of policies and procedures as operated over a defined period.
What is CCG SOC 2 report?
A SOC 2 report comess in two formats
SOC 2 is an auditing procedure designed to ensure that service providers securely manage data to protect the interests of your organization and the privacy of its clients. Developed by the American Institute of CPAs (AICPA), SOC 2 defines criteria for managing customer data based on five Trust Service Principles.
SOC 2 is an auditing procedure designed to ensure that service providers securely manage data to protect the interests of your organization and the privacy of its clients. Developed by the American Institute of CPAs (AICPA), SOC 2 defines criteria for managing customer data based on five Trust Service Principles.
©2025 BY CRESCENZA CONSULTING GROUP | ALL RIGHTS RESERVED
sales@crescenzaconsulting.ca
What is CCG SOC 2 report?
CCG has a SOC 2 Type II report. The report describes CCG’s security controls and examines the suitability and effectiveness of those controls in meeting the AICPA Trust Service Principles. It provides an independent assessment of how well CCG manages data with respect to data security, availability, confidentiality, privacy, and processing integrity.
Effective on September 30, 2025
CCG System and Organization Controls (SOC) Reports are the result of independent third-party audits that examine how CCG achieves key compliance controls and objectives. The CCG SOC 2 Security Type II report will help you and your auditors understand the CCG controls established to support data security, availability, confidentiality, privacy, and processing integrity.
Type I
Measures policies and procedures in place at a specific point in time.
Type II
Measures the effectiveness of policies and procedures as operated over a defined period.
Type I
Measures policies and procedures in place at a specific point in time.
Type II
Measures the effectiveness of policies and procedures as operated over a defined period.
Security
The system is protected against unauthorized access, both physical and logical.
Availability
The system is available for operation and use as committed or agreed.
rocessing integrity
System processing is complete, accurate, timely, and authorized.
Confidentiality
Information designated as confidential is protected as committed or agreed.
Privacy
Personal information is collected, used, retained, disclosed, and destroyed in line with the entity’s privacy notice and Generally Accepted Privacy Principles.
Security
The system is protected against unauthorized access, both physical and logical.
Availability
The system is available for operation and use as committed or agreed.
rocessing integrity
System processing is complete, accurate, timely, and authorized.
Confidentiality
Information designated as confidential is protected as committed or agreed.
Privacy
Personal information is collected, used, retained, disclosed, and destroyed in line with the entity’s privacy notice and Generally Accepted Privacy Principles.
Trust Service Principles