SOC2 report of Azure Integration Services

To obtain the latest SOC Type II report for Azure Integration Services, you would typically look for the SOC 2 Type 2 report that covers the relevant services. However, the specific report you need may depend on the exact scope of your application and its compliance requirements. Since Azure Integration Services is part of the broader Azure ecosystem, you may find the SOC 2 Type 2 report relevant to Azure services.

You can access these reports through the Service Trust Portal (STP) under the SOC reports section. Make sure to check for the most recent reports issued, as they are typically updated annually. If you have an existing subscription or trial account, you should be able to download the necessary reports directly from the portal.

For more detailed guidance on accessing these reports, you can refer to the audit documentation provided by Microsoft.

Hii @Yadav, Shiv-1 (Ext),

Thank you for reaching us regarding the issue

It sounds like you're looking for the latest SOC Type II report for your Azure Integration Services application. To get the correct report, you'll typically want to refer to the SOC 2 Type 2 report. This report focuses specifically on security, availability, and confidentiality, which are often critical aspects for integration services.

Here’s how you can access it:

1. Sign in to the Service Trust Portal (STP): You will need a Microsoft cloud services account (like Azure, Dynamics 365, or Microsoft 365) to access the STP.
2. Navigate to the SOC Reports Section: Once logged in, go to the SOC reports section to find the SOC 2 Type 2 report.
3. Find Your Specific Report: Look for the Azure SOC 2 Type 2 report, as this will address the security, availability, processing integrity, confidentiality, or privacy standards you are interested in.

If you cannot find the specific document you're looking for, it may help to check the release dates, as these reports are generally updated semi-annually (on 31-Mar and 30-Sep) and take about six weeks to produce.

Reference:
https://servicetrust.microsoft.com/
https://servicetrust.microsoft.com/viewpage/SOC
https://dori-uw-1.kuma-moon.com/pt-br/azure/compliance/offerings/#audit-documentation
https://dori-uw-1.kuma-moon.com/en-us/azure/compliance/offerings/offering-soc-2

Kindly let us know if the above comment helps or you need further assistance on this issue.
Please "upvote" if the information helped you. This will help us and others in the community as well.

You don’t need a special SOC 2 report for “Azure Integration Services”

I’ve pulled these reports many times for my customers, and Azure publishes SOC 2 at the platform level, not per individual service.

"Logic Apps, API Management, Service Bus, Event Grid, and Functions" all fall under the standard Azure SOC 2 Type II attestation.

So, the correct report is the Azure SOC 2 Type 2 report available in the Service Trust Portal. That report covers the entire Azure platform and includes all services in audit scope, including the full integration stack.

If you check Microsoft’s audit documentation, they confirm that Azure releases a combined SOC 2 Type 2 attestation that applies to Azure, Dynamics 365, Power Platform, and select M365 workloads, and this is what auditors use for AIS workloads.

In short, the right one to download is the Azure SOC 2 Type 2 report. Nothing separate exists for Azure Integration Services specifically.