SOC 2 vs Industry Frameworks
The five Principles of SOC 2 have major crossover with other industry frameworks such as ISO 27001, COBIT, CSA Cloud Controls Matrix and PCI. All have a strong focus on security, availability of service, processing controls, and in some cases, privacy.
Service Organizations and their Users that have an interest in best practice need to know how these frameworks overlap and complement each other. At the very least, knowing the overlap allows comparability for users and reduces rework for service organizations.
Sources for SOC 2 vs Industry Frameworks
There is one key third-party summary of how SOC 2 meshes with other frameworks: the Cloud Security Alliance Cloud Controls Matrix v3.0.
It currently aligns to the 2009 version of the Trust Services Principles, and compares to COBIT 4.1, not 5.
Upcoming Rogers Carlisle Comparisons
We will be delivering specific framework comparisons when the new Trust Services Principles document is finalised in mid-2014.