Most guides to running Claude Code in an enterprise stop at the install. That is the easy ten percent. The real work is the security design around an agentic tool that runs commands and reads files: the audit trail, prompt injection, permission modes, and a managed policy file.
SOC 2 is not a certification. It is an AICPA attestation report issued by a licensed CPA firm expressing an opinion about your controls. Most vendor websites, sales decks, and even compliance platforms get this basic fact wrong, and the confusion costs companies real time and money.
Most companies pay five figures annually for penetration testing they could run themselves. Open-source scanners like Nuclei, testssl.sh, and nmap cover the OWASP Top 10, generate auditor-ready reports, and run monthly on a cron job for zero cost.
US buyers want SOC 2 from the AICPA. European buyers want ISO 27001. The two frameworks share roughly 80% control overlap, but which one to pursue first depends on where your revenue comes from right now.
SOC 2 compliance platforms charge thousands annually for what is essentially organisation software. We moved to a Git repository, Google Drive for auditor access, and AI for the tedious work. The only cheque we write now goes to our CPA firm for the actual audit.
Your auditor does not care about Anthropic marketing promises or vendor certifications alone. They need evidence of YOUR controls around Claude Code, data handling documentation, and audit trails that prove your AI coding tool is not creating compliance gaps in your SOC 2 framework. IBM found 97% of AI-breached organizations lacked proper access controls.
RAG systems do not create new security risks - they amplify your existing data security posture. OWASP ranked sensitive data disclosure as the number two LLM risk in 2025. Weak access controls become glaringly obvious when your AI can retrieve everything you forgot you had.