We’re excited and proud to announce that IndySoft recently received our SOC 2 Type II attestation report from The Moore Group, a CPA firm specializing in SOC audits! The completion of this engagement (with no exceptions) provides evidence of our strong commitment to delivering high-quality services and our desire to give our customers confidence in our service delivery.
SOC 2 Type II compliance is an important accomplishment as it represents the highest level of security and trust for service organizations. IndySoft is the only calibration software vendor that currently has met this achievement.
Developed by the American Institute of Certified Public Accountants (AICPA), SOC 2 Type II certification is widely recognized as the gold standard for data security and requires companies to establish and follow strict information security policies and procedures encompassing the security, availability, and confidentiality of customer data. SOC stands for “system and organization controls,” and the controls are a series of standards designed to help measure how well a given service organization conducts and regulates its information. Specifically, SOC 2 is designed for service providers storing customer data in the cloud.
As companies increasingly use outside vendors to perform activities that are core to their business operations and strategy, there is a need for more trust and transparency into cloud software providers’ operations, processes and results. The purpose of SOC standards is to provide confidence and peace of mind for organizations when they engage third-party vendors. A SOC-certified organization has been audited by an independent certified public accountant who determined the firm has the appropriate SOC safeguards and procedures in place.
Beyond assessing just the design of the security, availability, and confidentiality controls as required in a Type I audit, a Type II report concerns the operational effectiveness of policies and procedures over a specified time period; for this more rigorous designation, systems must be evaluated for a minimum of six months.
IndySoft’s Type II certification demonstrates our commitment to data security through the practices and procedures we follow for protecting against unauthorized access, maintaining the availability of our service, and protecting the confidential information of our customers. This means that you can have peace of mind that we are utilizing best-practice methods to ensure that your data is secure and kept confidential and that we have designed and implemented measures to ensure that we are able to achieve our service commitments to you.
Our SOC 2 Type II certification also means that you can communicate to your customers that IndySoft is SOC 2 compliant.
For the past twenty years, we have been the 1st to do a lot of things when it comes to calibration software. Becoming the 1st calibration software vendor to achieve SOC 2 Type II certification is an amazing accomplishment. The audit was rigorous and detailed so when our SOC 2 report came back as a “clean report,” meaning no exceptions or issues relating to compliance were noted by the auditors, we were thrilled. It is especially difficult for organizations to achieve a clean report on their first audit, so to have essentially received an A+ on our first review, we could not have been happier.
Keeping our customers’ data safe and secure is one of our highest priorities. Our aim is to meet the highest standards of accountability, and our recent certification shows our ongoing commitment to protect your data so you can focus on your core business operations.
This is not the end for the SOC 2 process in IndySoft though. We are committed to carrying out an annual SOC 2 audit to ensure we continue to build on what we have put in place and keep supporting our customers’ needs.
In doing so, we will continue to demonstrate the importance we place on your trust, and how much we value it.
We’re happy to provide our full SOC 2 Type II Report to current or potential customers. Please email privacy@IndySoft.com to request the report.