
Veladon for SOC 2 with AI Addendum: Evidence for 2026 Audit Cycles

SOC 2 Type II attestation is the enterprise procurement baseline for US B2B. In 2024–2025 the AICPA issued additional considerations for AI-related controls, and Big 4 and mid-tier CPA firms now include AI-specific evidence requests in 2026 audit cycles. The AI addendum is not a separate report — it is additional controls evaluated under the existing Trust Services Criteria (Security, Availability, Processing Integrity, Confidentiality, Privacy).

Full name
SOC 2 Trust Services Criteria with AI-Era Additional Considerations (AICPA)
Effective
AICPA guidance issued 2024; applied in 2025–2026 audits
Jurisdiction
United States (AICPA); referenced by enterprise procurement globally
Primary regulator
AICPA + licensed CPA firms (Big 4 and mid-tier)

Executive summary · for CISOs + Compliance Officers

Why this matters for the 500–2,500 employee mid-market.

For a 500–2,500 employee SaaS or financial-services company with a 9- to 12-month Type II window, the practical requirement is to have AI-specific evidence collecting from month 1 of the window. A Type II opinion covers operating effectiveness across the whole period, so AI controls that only start producing evidence mid-window can only be tested over a shortened period that the report has to disclose.

Veladon evidences CC7.2 (system monitoring) and CC7.3 (security event evaluation) for the AI-specific threat surface by default. The AICPA 2024 additional considerations — AI system inventory, human oversight per AI use case, AI incident response — ship as artifacts in the quarterly pack. For organizations already in a SOC 2 Type II cycle, Veladon slots into the existing evidence workflow without new control categories or new auditor engagement; events appear in the same control-testing narrative the auditor is already sampling.

Which SOC 2 AI addendum controls matter for employees using public LLMs?

These are the specific Trust Services Criteria and AICPA additional considerations that govern the moment an employee pastes data into ChatGPT, Claude, or Gemini. A general-DLP retrofit rarely maps to them by default; Veladon's evidence pack carries the references inline on every log line.

  • CC6.1 — logical access controls extended to AI system access
  • CC7.2 — monitoring of system activity extended to AI prompt-level activity
  • CC7.3 — evaluation of security events extended to AI-related events
  • CC8.1 — change management extended to AI policy changes
  • Privacy Criteria P4.1 / P4.2 — use and retention of personal information in AI prompts (PII in/out of public LLMs)
  • Confidentiality Criteria C1.1 — information designated as confidential in AI interactions
  • AICPA Additional Considerations 2024 — AI system inventory, human oversight evidence, AI incident response

Control-by-control mapping · 8 controls

What Veladon evidences for each SOC 2 AI addendum control.

The concrete control-ID to evidence mapping auditors request during fieldwork. Every SOC 2 AI addendum control below is indexed inline on every log line Veladon generates — so the quarterly evidence pack ships pre-sampled for each control.

Control ID · Requirement · Veladon evidence

SOC 2 CC6.1
  Requirement: Logical access security. The entity implements logical access security software, infrastructure, and architectures over protected information assets.
  Veladon evidence: AI-system access evidence: which employees accessed which AI systems, authentication context, tenant type (Enterprise vs personal), time-bounded access logging.

SOC 2 CC7.2
  Requirement: System monitoring. The entity monitors system components and their operation for anomalies indicative of malicious acts, natural disasters, and errors, and analyzes anomalies to determine whether they represent security events.
  Veladon evidence: Prompt-level monitoring log: user, timestamp, AI system, action taken (redact / block / allow), policy version, retained for the full audit window.

SOC 2 CC7.3
  Requirement: Evaluation of security events. The entity evaluates security events to determine whether they could or have resulted in a failure of the entity to meet its objectives (security incidents) and, if so, acts to prevent or address such failures.
  Veladon evidence: AI-related security event taxonomy: novel-category detection, repeat violations, exfiltration attempts, classified and triaged per policy with evidence of review.

SOC 2 CC8.1
  Requirement: Change management. The entity authorizes, designs, develops or acquires, configures, documents, tests, approves, and implements changes to infrastructure, data, software, and procedures to meet its objectives.
  Veladon evidence: Policy change log: every AI detection rule or oversight policy change versioned with editor, timestamp, rationale, and approval evidence.

SOC 2 Privacy P4.1 / P4.2
  Requirement: Use and retention. The entity limits the use of personal information to the purposes identified in its privacy objectives (P4.1) and retains it only as long as those purposes require (P4.2). (P5 in the Trust Services Criteria is the data-subject access criterion, so use-and-retention evidence is cited under P4.)
  Veladon evidence: Redaction evidence per data category (PII, PHI, payment, secrets) with hash-based replay capability. Minimization evidence per prompt.

SOC 2 Confidentiality C1.1
  Requirement: Confidentiality. The entity identifies and maintains confidential information to meet the entity's objectives related to confidentiality.
  Veladon evidence: Customer identifier and internal project codename redaction: dictionary-versioned evidence, per-prompt application log, exception handling where customer-approved disclosure is required.

AICPA Additional Considerations (2024) AI-A
  Requirement: AI system inventory. Maintain an inventory of AI systems, their intended purpose, and the data they process.
  Veladon evidence: AI-system inventory artifact: auto-discovered, classified by provider and tenant type, updated on every new system detection.

AICPA Additional Considerations (2024) AI-B
  Requirement: Human oversight. Document human oversight activities for consequential AI use cases.
  Veladon evidence: Human-oversight policy registry + per-use-case assignment + per-prompt oversight tag + exception handling log.

What lands in your quarterly evidence pack for SOC 2 AI addendum.

Veladon's quarterly evidence pack is structured around the exact artifacts a Big 4 auditor or regulator asks for. The list below is what lands in your /quarterly-exports/ folder 30 days after deployment.

  1. CC7.2 monitoring: prompt-level logs with user, timestamp, AI system, action taken (redact / block / allow), retained for the audit window
  2. CC7.3 event evaluation: AI-related security events (novel category detection, repeat violations, exfiltration attempts) classified and triaged per policy
  3. Privacy P4: redaction evidence per data category (PII, PHI, payment, secrets) with hash-based replay
  4. Confidentiality C1.1: customer identifier and internal project codename redaction with dictionary-versioned evidence
  5. AICPA Additional Considerations: AI inventory, human oversight per use case, AI incident response artifacts
  6. Control operation evidence: per-control sampling pack for the Type II testing window (typically 9–12 months)
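The Privacy and Confidentiality pack items above describe per-category redaction with hash-based replay. The following Python is an added example, not Veladon's code, of one way that can work: each evidence record stores an HMAC of the redacted span under a key the GRC team holds, so an auditor can replay a candidate value against the record without the pack itself ever containing the PII. The regex patterns, category names, control tags (including the P4.1 tag) and record layout are assumptions made for this example, and the prompt is constructed.

```python
"""Redaction evidence with keyed-hash replay.

Added example, not Veladon code. Assumes each redaction evidence record stores
an HMAC-SHA256 of the redacted span (keyed by a GRC-held secret) instead of the
span itself, so an auditor can confirm a given value was redacted without the
evidence pack containing the PII. Patterns, category names, control tags and
record layout are assumptions made for the example.
"""
import hashlib
import hmac
import re
from typing import Dict, List, Tuple

# Assumed detection categories (a real dictionary would be versioned under CC8.1).
PATTERNS: Dict[str, re.Pattern] = {
    "pii.email": re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b"),
    "pii.ssn": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
    "payment": re.compile(r"\b(?:\d[ -]?){13,16}\b"),  # card-like digit run, Luhn-checked below
    "secrets.aws_key": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
}
# Assumed control tags carried on every evidence record.
CONTROL_TAGS = ["CC7.2", "P4.1", "C1.1"]


def luhn_ok(digits: str) -> bool:
    """Luhn checksum; keeps digit runs that merely look like card numbers out of the evidence."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


def span_hash(key: bytes, value: str) -> str:
    """Keyed hash of the original span; the key never ships inside the evidence pack."""
    return hmac.new(key, value.encode("utf-8"), hashlib.sha256).hexdigest()


def redact(prompt: str, key: bytes, policy_version: str) -> Tuple[str, List[dict]]:
    """Return the sanitized prompt plus one evidence record per redacted span."""
    hits = []
    for category, pat in PATTERNS.items():
        for m in pat.finditer(prompt):
            text = m.group(0)
            if category == "payment" and not luhn_ok(re.sub(r"\D", "", text)):
                continue
            hits.append((m.start(), m.end(), category, text))
    hits.sort()  # by offset, so the rebuilt prompt keeps the original order
    out, records, cursor = [], [], 0
    for start, end, category, text in hits:
        if start < cursor:
            continue  # overlaps a span already redacted under an earlier category
        out.append(prompt[cursor:start])
        out.append(f"[REDACTED:{category}]")
        records.append({
            "action": "redact",
            "category": category,
            "policy_version": policy_version,
            "controls": CONTROL_TAGS,
            "offset": start,
            "length": end - start,
            "span_hash": span_hash(key, text),  # hash only; the PII itself is not stored
        })
        cursor = end
    out.append(prompt[cursor:])
    return "".join(out), records


def replay_matches(record: dict, key: bytes, candidate: str) -> bool:
    """Auditor-side replay: does a candidate value hash to the record's span_hash?"""
    return hmac.compare_digest(record["span_hash"], span_hash(key, candidate))


# Constructed prompt (not real data); the AWS key is the AWS documentation example value.
SAMPLE_PROMPT = (
    "Customer Jane (jane.doe@example.com, SSN 123-45-6789) paid with "
    "4111 1111 1111 1111; our key is AKIAIOSFODNN7EXAMPLE."
)

if __name__ == "__main__":
    key = b"grc-held-evidence-key"  # assumed; held by GRC, not shipped with the pack
    sanitized, evidence = redact(SAMPLE_PROMPT, key, "2026.02")
    print(sanitized)
    for rec in evidence:
        print(rec["category"], rec["offset"], rec["span_hash"][:16])
```

Because the hash is keyed, someone holding only the evidence pack cannot enumerate the nine-digit SSN space against it; the replay check has to be run by whoever is given the key. The Luhn check on the payment category keeps arbitrary 13 to 16 digit runs (order numbers, epoch timestamps) from being recorded as card data.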

Implementation playbook · 5 phases · 500 employees in 5–10 business days

How to deploy Veladon for SOC 2 AI addendum in a compressed timeline.

  1. Phase 01

    Audit window planning

    Month 0

    Activities

    • Align SOC 2 Type II audit window with Veladon deployment (target: deploy month 1 of window)
    • Engage auditor on AI addendum scope — AI-specific controls in scope for testing
    • Update management representation letter with AI-related commitments

    Artifacts produced

    • Audit window calendar
    • AI addendum scope memo
    • Management representation letter updates
  2. Phase 02

    Deploy + evidence baseline

    Month 1

    Activities

    • Full Veladon MDM rollout
    • Enable all default detection categories + custom dictionary
    • Configure AICPA Additional Considerations evidence capture (AI inventory, oversight, incident)

    Artifacts produced

    • Full-deployment evidence
    • First-month baseline metrics
    • AICPA-mapped evidence starter
  3. Phase 03

    Operational evidence

    Months 2–9

    Activities

    • Continuous CC7.2 / CC7.3 log capture
    • Monthly privacy-incident review
    • Quarterly evidence pack generation
    • Change-management versioning for policy updates (CC8.1)

    Artifacts produced

    • 8 months of operational evidence
    • 3 quarterly packs
    • Policy-change audit trail
  4. Phase 04

    Pre-audit preparation

    Month 10

    Activities

    • Auditor evidence request — sampling plan confirmation
    • Export CC7.2 / CC7.3 / Privacy P4 / Confidentiality C1.1 samples
    • Prepare AICPA Additional Considerations evidence walkthrough

    Artifacts produced

    • Sample evidence exports
    • Walkthrough decks
    • Management assertions draft
  5. Phase 05

    Audit fieldwork + report

    Months 11–12

    Activities

    • Auditor fieldwork — control-testing sampling
    • Evidence iteration as auditor follow-up
    • Draft report review + final report issuance

    Artifacts produced

    • Auditor test results
    • Final SOC 2 Type II report

Concrete use cases · how SOC 2 AI addendum obligations show up in practice

The specific scenarios Veladon covers for SOC 2 AI addendum.

9-month Type II window with AI addendum from month 1

A 1,200-employee SaaS starts a new SOC 2 Type II cycle on February 1, 2026, running to October 31, 2026. Veladon deploys within the first two weeks (business days 1–10 of the window). The 9-month operational window captures the full population of AI-related events for auditor sampling, and AICPA Additional Considerations evidence (AI inventory, oversight, incident) collects continuously. Auditor fieldwork in November 2026 samples from the full 9-month population; the AI addendum closes as a clean extension of CC7.2 / CC7.3 testing.

Mid-window adoption with shortened scope disclosure

A 900-employee company 4 months into its Type II window without AI-specific tooling realizes the AICPA AI addendum will be scoped. Veladon deploys in week 1 of month 5. The auditor agrees to a shortened AI-addendum testing window (months 5–12) with explicit scope disclosure in the management assertions. The report reflects the shortened scope; enterprise customers reviewing the report accept the shortened window as a reasonable adoption arc for a new control area.

SOC 2 + ISO 42001 combined evidence set

A fintech running both SOC 2 Type II and ISO 42001 certification uses one Veladon deployment to feed both. CC7.2 / CC7.3 / Privacy P4 / Confidentiality C1.1 evidence for SOC 2; Annex A.4 / A.6.2.3 / A.8.3 / A.9 / A.10 evidence for ISO 42001. Each log event carries both control-ID references. Auditor sampling for SOC 2 and certification-body sampling for ISO 42001 draw from the same underlying log population.

Enterprise customer SOC 2+AI report request

An enterprise customer requests the SaaS vendor's SOC 2 report and asks specifically for AI addendum coverage. The vendor's report includes AICPA Additional Considerations evidence testing with unqualified opinion. The vendor's trust portal exposes the relevant excerpts. Enterprise customer procurement closes the AI-governance section of vendor-risk with the report as evidence — no custom questionnaire assembly required.

Change-management versioning under CC8.1

Compliance Officer updates the detection policy to add a new PHI sub-pattern. Veladon's change-management log captures the policy-version bump with editor, timestamp, rationale (new regulatory guidance), and approval evidence (GRC steering committee approval). CC8.1 evidence is automatic — auditor sampling policy changes during Type II fieldwork finds a complete change-log with approval chains.

AI-related security event escalation

A finance employee's prompts trigger 5 repeat redaction events across 2 weeks, crossing the 'repeat violation' threshold. Veladon flags the pattern for GRC review, generates a CC7.3 security-event record with evaluation of whether the pattern could result in an objective failure, documents the triage decision (policy refresh + targeted re-training), and closes the event. Audit sampling for CC7.3 finds a clean evaluation narrative with decision evidence.
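The escalation above, together with the per-control indexing that the quarterly pack relies on, as an added Python example (not Veladon's code): constructed JSONL prompt-level log lines carry control tags; the script builds the per-control index, draws a seed-reproducible sample per control for the auditor, and raises one CC7.3 record the first time a user's redact/block events reach the repeat-violation threshold inside a rolling window, then records the triage decision that closes it. The line layout, the 5-in-14-days threshold, the control tags (including P4.1) and the triage fields are assumptions; the log is constructed.

```python
"""Per-control evidence index and CC7.3 repeat-violation escalation.

Added example, not Veladon code. The JSONL layout, the control tags on each
line, the 14-day / 5-event threshold and the triage fields are assumptions
made for this example; only the control IDs themselves come from the page.
"""
import json
import random
from collections import defaultdict
from datetime import datetime, timedelta
from typing import Dict, List

# Constructed prompt-level log lines (not real telemetry).
SAMPLE_LOG = """\
{"id": 1, "ts": "2026-02-02T09:12:00Z", "user": "fin-analyst-7", "ai_system": "chat.openai.com", "tenant": "personal", "action": "redact", "category": "pii.ssn", "policy_version": "2026.02", "controls": ["CC7.2", "P4.1"]}
{"id": 2, "ts": "2026-02-04T14:03:00Z", "user": "fin-analyst-7", "ai_system": "chat.openai.com", "tenant": "personal", "action": "redact", "category": "payment", "policy_version": "2026.02", "controls": ["CC7.2", "P4.1"]}
{"id": 3, "ts": "2026-02-06T11:40:00Z", "user": "eng-lead-2", "ai_system": "claude.ai", "tenant": "enterprise", "action": "redact", "category": "pii.email", "policy_version": "2026.02", "controls": ["CC7.2", "P4.1"]}
{"id": 4, "ts": "2026-02-09T08:55:00Z", "user": "fin-analyst-7", "ai_system": "gemini.google.com", "tenant": "personal", "action": "redact", "category": "pii.ssn", "policy_version": "2026.02", "controls": ["CC7.2", "P4.1"]}
{"id": 5, "ts": "2026-02-11T16:20:00Z", "user": "fin-analyst-7", "ai_system": "chat.openai.com", "tenant": "personal", "action": "redact", "category": "phi.mrn", "policy_version": "2026.02", "controls": ["CC7.2", "P4.1"]}
{"id": 6, "ts": "2026-02-13T10:05:00Z", "user": "fin-analyst-7", "ai_system": "chat.openai.com", "tenant": "personal", "action": "block", "category": "secrets.aws_key", "policy_version": "2026.03", "controls": ["CC7.2", "C1.1"]}
{"id": 7, "ts": "2026-02-20T13:30:00Z", "user": "eng-lead-2", "ai_system": "claude.ai", "tenant": "enterprise", "action": "allow", "category": null, "policy_version": "2026.03", "controls": ["CC7.2"]}
{"id": 8, "ts": "2026-03-01T09:00:00Z", "user": "fin-analyst-7", "ai_system": "chat.openai.com", "tenant": "personal", "action": "redact", "category": "pii.ssn", "policy_version": "2026.03", "controls": ["CC7.2", "P4.1"]}
"""

REPEAT_THRESHOLD = 5            # assumed policy value
REPEAT_WINDOW = timedelta(days=14)
VIOLATION_ACTIONS = {"redact", "block"}  # "allow" is not a violation


def parse_log(text: str) -> List[dict]:
    """Parse JSONL lines; timestamps become timezone-aware datetimes."""
    events = []
    for line in text.splitlines():
        if line.strip():
            ev = json.loads(line)
            ev["ts"] = datetime.fromisoformat(ev["ts"].replace("Z", "+00:00"))
            events.append(ev)
    return events


def index_by_control(events: List[dict]) -> Dict[str, List[int]]:
    """Map each control ID to the event IDs tagged with it (the sampling population)."""
    idx: Dict[str, List[int]] = defaultdict(list)
    for ev in events:
        for control in ev["controls"]:
            idx[control].append(ev["id"])
    return dict(idx)


def sample_pack(events: List[dict], per_control: int, seed: int) -> Dict[str, List[int]]:
    """Per-control sample; the seed is shared with the auditor so the draw is reproducible."""
    rng = random.Random(seed)
    pack = {}
    for control, ids in sorted(index_by_control(events).items()):
        pack[control] = sorted(rng.sample(ids, min(per_control, len(ids))))
    return pack


def repeat_violations(events: List[dict]) -> List[dict]:
    """One open CC7.3 record per user, raised the first time THRESHOLD violations fall inside WINDOW."""
    per_user: Dict[str, List[dict]] = defaultdict(list)
    for ev in sorted(events, key=lambda e: e["ts"]):
        if ev["action"] in VIOLATION_ACTIONS:
            per_user[ev["user"]].append(ev)
    records = []
    for user, evs in per_user.items():
        for i, ev in enumerate(evs):
            window = [e for e in evs[: i + 1] if e["ts"] > ev["ts"] - REPEAT_WINDOW]
            if len(window) >= REPEAT_THRESHOLD:
                records.append({
                    "control": "CC7.3",
                    "user": user,
                    "window_start": window[0]["ts"].isoformat(),
                    "window_end": ev["ts"].isoformat(),
                    "event_ids": [e["id"] for e in window],
                    "count": len(window),
                    "evaluation": "could result in objective failure: repeated sensitive data "
                                  "reaching an AI system",
                    "status": "open",
                    "triage": None,
                })
                break  # one record per user; later violations attach to it in review
    return records


def close_event(record: dict, decision: str, reviewer: str) -> dict:
    """Record the triage outcome without altering the detection fields."""
    closed = dict(record)
    closed["triage"] = {"decision": decision, "reviewer": reviewer}
    closed["status"] = "closed"
    return closed


if __name__ == "__main__":
    evs = parse_log(SAMPLE_LOG)
    print(sample_pack(evs, per_control=2, seed=2026))
    for rec in repeat_violations(evs):
        print(close_event(rec, "policy refresh + targeted re-training", "grc-reviewer-1"))
```

The sample draw uses a seed precisely so the auditor can re-run the selection against the exported population and confirm it was not hand-picked; hand the seed over with the pack. Only redact and block actions count toward the threshold, so a user whose prompts are consistently clean (allow events) never trips CC7.3 review.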

Deadline calendar

SOC 2 AI addendum deadlines + audit milestones.

Framework deadline

Rolling (continuous Type II cycles)

  1. Month 0

    Type II window start

    Define audit window (typically 9–12 months). Deploy Veladon in week 1 of window to capture full population.

  2. Month 4–6

    Mid-window review

    Review operational evidence accumulation, address any gaps before auditor fieldwork.

  3. Month 10

    Pre-audit preparation

    Export evidence for auditor sampling. Prepare walkthrough decks. Finalize management assertions.

  4. Months 11–12

    Audit fieldwork + report

    Auditor samples controls, iterates with management on findings, issues final SOC 2 Type II report.

Why a general DLP retrofit is insufficient for SOC 2 AI addendum evidence.

General DLP platforms predate the AI-era considerations. Their logs map to CC6, CC7, and the Privacy criteria for file-level and network-level data movement, and that evidence still counts, but they do not see prompt-level activity and do not produce the AICPA Additional Considerations evidence: an AI system inventory, human oversight per AI use case, and AI-specific incident response. A 2026 SOC 2 audit that requests AI evidence under the Additional Considerations therefore finds a gap where only general DLP is in place. Veladon produces the AI-specific evidence together with the general CC7.2 / CC7.3 / Privacy P4 evidence, so the SOC 2 audit closes cleanly.

Questions CISOs ask about SOC 2 AI addendum

Common questions about SOC 2 AI addendum and employee AI use.

Is there a separate SOC 2 AI report, or is it just additional controls?

There is no separate SOC 2 AI report. The AICPA's 2024 additional considerations extend the existing Trust Services Criteria (Security, Availability, Processing Integrity, Confidentiality, Privacy) with AI-specific evidence requests. A SOC 2 Type II report covering an organization's AI-era operations will include evidence mapped to the standard TSCs plus supplementary AI controls tested by the auditor. Some CPA firms are issuing optional SOC 2+ reports that package AI evidence prominently, but the core attestation remains SOC 2 Type II.

Does Veladon help my SOC 2 Type II audit if the AI addendum is not required?

Yes. Even without the AI addendum, Veladon's prompt-level logs evidence CC7.2 (system monitoring) and CC7.3 (security event evaluation) for the AI-specific threat surface. The AICPA 2024 additional considerations are voluntary, but they are increasingly expected in 2026 audits: auditors now routinely ask management to cover AI-related controls in the management representation letter. Having the evidence ready reduces findings in the audit cycle even if the addendum is not formally scoped.

How does the SOC 2 AI addendum relate to EU AI Act and ISO 42001?

SOC 2 is an attestation standard — it says 'we tested these controls and they operated as described.' ISO 42001 is a management system standard — it says 'we operate an AI Management System to this baseline.' EU AI Act is a regulation — it says 'you must comply with these obligations.' The three are complementary: ISO 42001 builds the operational baseline, SOC 2 attests that the baseline operates, EU AI Act makes some of the baseline mandatory for deployers in scope. Veladon's evidence pack supports all three — log lines carry SOC 2 control ID, ISO 42001 Annex A control ID, and EU AI Act article reference.

What AI-specific evidence does a Big 4 SOC 2 auditor typically request in a 2026 audit?

Typical requests in 2026 SOC 2 fieldwork: (1) AI system inventory with provider, purpose, and access controls; (2) evidence of monitoring for AI-related security events; (3) incident response evidence for at least one AI-related incident (or evidence that none occurred); (4) human oversight evidence per AI use case with consequential output; (5) privacy controls for PII / PHI in AI interactions (Privacy P4); (6) change-management evidence for AI policy changes during the audit window (CC8.1). Veladon produces artifacts (1), (2), (4), and (5) directly; your GRC team authors the incident response documentation (3) and the change-management policy (6), and Veladon's logs evidence execution of both.

Can a 500–2,500 employee mid-market close a SOC 2 Type II audit with AI evidence on a 9-month cycle?

Yes, with tooling. A 9-month Type II window for AI controls requires prompt-level logging from month 1 of the window. Veladon deployed on day 1 covers about 80% of the AI-risk surface (browser-direct LLM use); full SaaS-connector coverage follows by day 7. The 9-month window then captures the full population of AI-related events for sampling. For organizations starting later in the window, CPA firms typically allow a shortened audit period with explicit scope disclosure; check with your auditor.

Tailored FAQ · SOC 2 AI addendum-specific

Additional SOC 2 AI addendum questions Veladon buyers ask.

Can Veladon support a Type I audit as well as Type II?

Yes. Type I tests design effectiveness at a point in time; Type II tests operating effectiveness over a window. Veladon's evidence supports both: Type I via policy-configuration snapshots and the deployment architecture documentation; Type II via operational evidence across the audit window. Most 500–2,500 employee mid-markets start with Type II directly, skipping Type I.

What if my Type II window already started and I want to add AI coverage mid-cycle?

Auditors typically allow a shortened AI-addendum testing window with explicit scope disclosure in management assertions. If you are 4 months into a 12-month window, deploying Veladon at month 5 gives you 7 months of AI evidence. The report discloses the shortened AI-addendum scope; enterprise customers reviewing the report accept the shortened window as a reasonable adoption arc for a new control area.

How does Veladon evidence the AICPA 2024 AI-specific additional considerations?

Four primary artifacts: (1) AI system inventory — auto-discovered, classified by provider and tenant type; (2) Human oversight per AI use case — policy registry + per-prompt oversight tag; (3) AI incident response — incident-record template with event metadata and triage narrative; (4) Privacy controls for PII/PHI in AI interactions — redaction evidence per category with hash-based replay. Together these map to the AICPA AI considerations an auditor tests in 2026 SOC 2 Type II fieldwork.

Pricing context · 500–2,500 employee deployments

What Veladon typically costs for SOC 2 AI addendum coverage.

At 500–2,500 employees for SOC 2 Type II with AI addendum coverage, Veladon lands at $22–32k ACV (mid-market tier) or $45–90k (enterprise tier), with quarterly packs indexed to CC6.1 / CC7.2 / CC7.3 / CC8.1 / Privacy P4 / Confidentiality C1.1 plus AICPA Additional Considerations evidence. Auditor fees are separate (typically $30–80k at this employee range for a Type II report). The tool-generated evidence reduces auditor fieldwork hours by approximately 30–40% on AI-specific testing, which some firms credit back in fee scope. For organizations already in a SOC 2 Type II cycle, Veladon slots into the existing evidence workflow without new control categories.

Need SOC 2 AI addendum evidence on a compressed timeline?

Veladon deploys via MDM in 30 minutes and generates the first evidence pack at day 30. Get the Veladon early-access brief — detailed architecture, detection taxonomy, and SOC 2 AI addendum crosswalk.
