GDPR / SOC 2 crosswalk

A control-by-control mapping between General Data Protection Regulation (EU 2016/679) and SOC 2 (AICPA Trust Services Criteria). 2 mappings.

| GDPR | SOC 2 | Relationship | Notes |
| --- | --- | --- | --- |
| Art. 25: Data protection by design and by default | CC1.1: Integrity and ethical values | Related (Curated) | Governance & security policy |
| Art. 32: Security of processing | CC6.7: Restricting data transmission | Partial (Curated) | Cryptography & data protection |

Mappings marked “Official” derive from standards-body informative references; “Curated” mappings are authored by Cyber Compliance and provided for guidance only.