ediverse Explore the platform

Spotlight PEPPOL BIS Billing 3.0 The EU e-invoicing mandate is here — France Sept 2026, Belgium Jan 2026, Germany 2025.

SOC-2-TYPE-2

AICPA SaaS audit over a period.

Definition

SOC 2 (Service Organization Control 2) Type 2 audits five Trust Service Criteria: Security (mandatory), Availability, Processing Integrity, Confidentiality, Privacy. Type 1 = point-in-time ; Type 2 = over duration. Annual audit nearly mandatory for B2B SaaS US.

Origin

AICPA standard published 2010 ; TSP 2017 update including Privacy.

Example in context

A US cloud EDI vendor annually passes SOC 2 Type 2 over 12 months — report shared under NDA with customers.

Last updated: May 16, 2026