SOC 2 compliance does not have a strict list of "required" CIS Controls. SOC 2 is based on the AICPA Trust Services Criteria (TSC) — primarily the Security criterion (which is mandatory), with optional additions like Availability, Confidentiality, Processing Integrity, or Privacy depending on your clients' needs.

At BizCare, we're a technology solution company uniquely focused on driving business outcomes. We enable our clients—smaller organizations that view technology as a critical component of their success—to reach their objectives, measured by productivity, happy employees, and tangible business growth.