Fortis SOC 2 Assessment focuses on several key areas: Security, Availability, Processing Integrity, Confidentiality, Privacy, IT Security Regulations, and Trust Service Principle Policies for your Microsoft 365 environment. Fortis' Service Organization Control (SOC) 2 Report is performed in accordance with AT101 and based upon the Trust Services Principles, with the ability to test and report on the design (Type I) and operating (Type II) effectiveness of a service organization’s Microsoft 365 controls. The report focuses on a company’s non-financial reporting controls as they relate to security, availability, processing integrity, confidentiality, and privacy of a system. The Trust Service Principles which SOC 2 is based upon are modeled around four broad areas: Policies, Communications, Procedures, and Monitoring.