During SOC 2 compliance audit periods, auditors review that security controls are in place, triggered, and responded to appropriately to assess the strength of an organization’s security posture. Auditors generally look for a number of controls, including the following: