Integralytic is thrilled to announce another significant step in our ongoing commitment to safeguarding customer data through top-tier safety and security measures. We have successfully completed our SOC 2 Type 2 audit, reaffirming our dedication to one of the most rigorous, industry-recognized auditing standards for service companies. This achievement offers clients added confidence that our business processes, information technology, and risk management controls are adhering to the highest standards and are meticulously monitored and managed.
Transparency in compliance is integral to our ethos, which is why we’ve pursued independent certifications such as HIPAA and SOC 2.
What exactly is SOC 2?
Simply put, compliance with SOC 2 confirms that a service organization maintains a high-level of information security and has the proper controls in place to handle sensitive data responsibly. For example, organizations that adhere to SOC 2 guidelines exhibit, among other requirements, the capacity to scale data infrastructure, identify unusual events, and efficiently manage security incidents.
SOC 2 Type 1 vs. SOC 2 Type 2
There are two types of SOC 2 reports. A Type 1 report outlines the systems in place and the appropriateness of implemented controls, providing an assessment of a company’s policies and procedures at a specific moment in time. A Type 2 report, on the other hand, delves into the effectiveness of these systems and controls over a designated period, ensuring continuous adherence to the policies. Type 2 is of significant importance for any platform responsible for processing and storing data.
SOC 2 engagements are based on the Trust Service Criteria defined by the American Institute of Certified Public Accountants (AICPA). In order to maintain a SOC 2 report, the audit must assess at least one of those criteria, the Security criteria, which is also known as the Common Criteria. However, Integralytic proudly engaged in a more extensive audit, covering additional criteria. Our audit report focuses on our non-financial reporting controls in terms of Security, Availability, and Confidentiality.
- Security measures emphasize the protection of information and systems against unauthorized access, disclosure, or any form of damage that could compromise their integrity, availability, confidentiality, and privacy, affecting the entity’s objectives.
- Availability criteria necessitate that information and systems are consistently operational and accessible to fulfill the organization’s goals.
- Confidentiality standards obligate companies to demonstrate their proficiency in safeguarding confidential information throughout its lifecycle, including collection, processing, and disposal.
Safeguarding Your Data: Our Priority
At Integralytic, our team takes extensive measures to ensure the safety of customer data. Our clients rely on us to safeguard their corporate information, and this report substantiates our unwavering dedication to prioritizing data security.
Although the SOC 2 Type II report is a significant milestone, our commitment to data security remains unwavering, independent of certifications, as data security is at the core of how we design, develop, and implement our products.
If you are a current or potential Integralytic customer, you can request a copy of our SOC 2 Type II report by emailing us at compliance@integralytic.com