The System and Organization Controls (SOC) Reports are independent third-party examination reports that demonstrate how we achieve key compliance controls and objectives. The purpose of these reports is to help you and your auditors understand the controls established to support operations and compliance.
- The SOC 2 Security, Availability & Confidentiality Report, available to customers.
What information do the SOC Reports provide?
|SOC 2: Security, Availability & Confidentiality|
|What is the report?||A description of the controls environment and external audit of controls that meet the AICPA Trust Services Security, Availability, and Processing Integrity Principles and Criteria|
|Under what Standard is the Audit Report Performed?||Examination Engagements AICPA Guide, Reporting on Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality, or Privacy(SOC 2®) TSP section 100A, 2017 Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality (AICPA, 2017 Trust Services Criteria)|
|What’s the Primary Report Purpose?||To provide customers and users with a business need with an independent assessment of the control environment relevant to system security, availability, and confidentiality|
|Who is the Primary Report Audience?||Users with business need|
|What Period does the Report Cover?||
Who performs the independent third-party audit for the SOC Reports?
Hancock Askew & Co, LLP performs the SOC 2
How often are the SOC Reports issued and when can I expect a new report to be released?
SOC 2, are released annually.
Is a non-disclosure agreement (NDA) required to receive the SOC Reports?
An NDA is required to review the SOC 2 reports.
How do I request the SOC 2 Report?
The SOC 2 are available to customers by submitting a support request.