We are officially certified as a SOC 2 service organization, as defined by the American Institute of Certified Public Accountants (AICPA).
What is SOC 2?
SOC 2 requires companies to establish and follow strict information security policies and procedures by encompassing security, availability, processing, integrity, and confidentiality of customer data. SOC 2 audits are conducted through an independent auditor to assure a business’ process, information technology, and risk management controls are properly designed.
A SOC 2 certification provides additional assurance for our customers. We are proud to adhere to one of the most stringent, industry-accepted auditing standards for technology companies!
The independent audit was conducted by Crowe LLP, one of the largest independent accounting and business consulting firms in the United States. This organization validated our software’s stringent security and governance controls.
Which Processes Get Reviewed in a SOC 2 Audit?
The official SOC 2 audit report provides a thorough review of processes relating to risk management, including:
Access Management Policies
Subservice (vendor) Due Diligence
Software Development Lifecycle
Change Management Procedures
Physical & Environmental Security
Business Continuity and Disaster Recovery Plans
Acceptable Use Policies
Top-Level Security for Public Records Management
“Successfully earning a SOC 2 Type 2 certification is a reflection of our commitment to ensuring our customers’ data is protected by the highest standards of data security, governance, and privacy,” said our President & CEO Donny Barstow. “This achievement, along with our FedRAMP authorized infrastructure on Microsoft Azure Government Cloud, means our customers can trust that we offer the industry’s most secure managed cloud offering.”
Learn more about our stringent security standards and how they can benefit your organization.