Why it matters
SOC 2 is enterprise sales prerequisite. Understanding shapes compliance for LLM products.
Advertisement
The architecture
Type 1: point-in-time. Type 2: over 6-12 months.
Trust criteria: security + availability + processing integrity + confidentiality + privacy.
Advertisement
How it works end to end
Controls: access management, change management, monitoring, incident response.
LLM-specific: model access controls, prompt/output logging, vendor management.
Third-party model access: assess model provider SOC 2.