We at Chainloop are pleased to share that we recently completed our System and Organization Controls (SOC) 2 Type II Audit. We obtained our audited SOC 2 Report by partnering with Johanson Group.
What Is a SOC 2 Type II Report?
The SOC 2 audit is one of the highest-recognized standards of information security compliance in the world. It was developed by the American Institute of CPAs (AICPA) to allow a third-party auditor to validate a service company's internal controls regarding information security.
A SOC 2 Type II report is an independent assessment that evaluates a company's controls over a specified period—typically 3 to 12 months. Unlike a Type I report, which assesses controls at a specific point in time, a Type II report examines how effectively these controls operate over an extended period. The report focuses on one or more of the five Trust Services Criteria: Security, Availability, Processing Integrity, Confidentiality, and Privacy.
Our SOC 2 Type II report covers Security, Availability, and Confidentiality, confirming that our controls in these areas are properly designed and function effectively over time.
We obtained our audited SOC 2 Report by partnering with Johanson Group, which reviewed our internal controls, including policies, procedures, and infrastructure, regarding data security, firewall configurations, change management, logical access, backup management, business continuity, and disaster recovery, security incident response, and other critical areas of our business.
We go above and beyond the minimum requirements for SOC 2 by integrating our critical infrastructure to monitor compliance with the SOC 2 framework 24/7, not just during the audit window.
Why Did We Undergo a SOC 2 Examination?
We chose to undergo a SOC 2 examination to provide assurance that our systems and processes meet industry standards for security and reliability. This examination helps us demonstrate our commitment to protecting your data and ensuring the consistent availability of our services.
We believe the relationship with our customers must be built on trust. The successful completion of our SOC 2 Report is one of many ways we have planned to earn and retain that trust.
SOC 2 is just one aspect of our growing security program. We are committed to continually improving our information security program and retaining an annual SOC 2 audit to ensure we keep supporting our customers' needs.
What This Means for Our Customers?
Achieving SOC 2 Type II compliance provides the following:
- Verified Security Measures: Independent validation that we have controls to protect your data against unauthorized access.
- Reliable Service Availability: Assurance that our systems are designed and maintained for consistent uptime.
- Protected Confidentiality: Confirmation that we handle your sensitive information with appropriate confidentiality controls.
This compliance offers you greater confidence in our ability to protect your data and deliver reliable services.
Our Commitment to You
Completing the SOC 2 Type II examination is part of our effort to provide you with a secure and reliable platform. We are committed to:
- Transparency: Being open about our security measures and practices.
- Continuous Improvement: Regularly updating our controls to meet evolving industry standards.
- Customer Focus: Ensuring that our efforts directly benefit you by providing a secure and trustworthy platform.
For detailed and continuously updated information about our security practices, please visit our Trust Center.
Thank You
We appreciate your trust and support. Please contact us if you have any questions about our SOC 2 Type II compliance or how it enhances your experience with Chainloop.