The security of our customers’ data is a top priority at ReadySign, which is why we’re pleased to announce the successful completion of our SOC 2, Type 2 audit.
By undergoing a SOC 2, Type 2 audit SecureDocs, Inc., ReadySign’s parent company, maintains its adherence to one of the most stringent, industry-accepted auditing standards for service companies. And for our customers’ added assurance, we make certain, through an independent auditor, that our business process, information technology, and risk management controls are properly designed.
What's a SOC 2 audit?
SOC 2 audits are based on the American Institute of Certified Public Accountants’ (AICPA) Trust Service Criteria. SOC 2 audit reports focus on a Service Organization’s non-financial reporting controls as they relate to Security, Confidentiality, and more.
SecureDocs, Inc.’s SOC 2 audit report covers the following criteria:
Security – Information and systems are protected against unauthorized access, unauthorized disclosure of information, and damage to systems that could compromise the availability, integrity, confidentiality, and privacy of information or systems and affect the entity’s ability to achieve its objectives.
Availability – Information and systems are available for operation and use to meet the entity’s objectives.
Confidentiality – Requires companies to demonstrate the ability to protect confidential information throughout its lifecycle, including collection, processing, and disposal.
This audit report provides an extensive review of our company’s internal controls, policies, and processes for all of our software offerings. It also reviews our processes relating to risk management and subservice (vendor) due diligence, as well as our entire IT infrastructure, software development life cycle, change management, logical security, network security, physical & environmental security, and computer operations.
SOC 2, Type 1 & SOC 2, Type 2: What's the difference?
There are two types of SOC 2 audits and corresponding reports. And as I mentioned previously, SecureDocs, Inc. has obtained a SOC 2, Type 2 report. Here’s the difference:
SOC 2, Type 1 - This is an assessment of an organization’s policies and procedures at a specific point in time (one day).
SOC 2, Type 2 - This is an assessment of an organization's controls over a period of time to ensure that a business adheres to its policies on an ongoing basis.
What this means for ReadySign customers:
Teams around the world trust ReadySign to protect their confidential information. And our team at ReadySign consistently goes to great lengths to ensure our customers’ data is safe, and maintain data security as a top priority. By obtaining a SOC 2, Type 2 audit report, SecureDocs, Inc. demonstrates this commitment to data security and to protecting our customer information.
"We are pleased that our SOC 2report has shown that we have the appropriate controls in place to mitigate risks related to the services we provide to our customers,” said CEO Will Reynolds. “Our clients trust us to protect their sensitive corporate information at all times, and this report serves as another example of how we’re doing that.”