In 2023, data security is more critical than ever for your business’s success.
We at Sudozi understand the unique challenges businesses face when managing their finance and business data. We ultimately believe that the best software companies can build fast and provide value while having a strong commitment to data security.
That’s why we are excited to announce that in January, we achieved our SOC 2, Type II final audit report. At its simplest, this means that we guarantee enterprise-level data security and adhere to the AICPA SOC 2 standards for secure services, building off of our existing SOC 2, Type I compliance achieved in 2022.
This is an important milestone in our efforts to bring the best security to the Sudozi FP&A platform, and reinforces our commitment to the data security of all customers, both present and future.
You can keep reading to learn more about SOC 2 compliance, and the positive implications of our SOC 2, Type II final report.
What is SOC 2?
SOC 2, or Systems and Organization Controls 2, is a security framework that specifies how organizations should protect data from security incidents, unauthorized access and other vulnerabilities.
The American Institute of Certified Public Accountants (AICPA) developed SOC 2 in 2010 to provide auditors with guidance for evaluating the operating effectiveness of an organization’s security protocols. At its core, AICPA designed SOC 2 to establish trust between service providers and customers.
SOC 2 defines requirements to manage and store customer data based on five Trust Services Criteria (TSC):
- Security
- Availability
- Processing integrity
- Confidentiality
- Privacy
What is a SOC 2, Type II Audit?
In the first half of 2022, we obtained our SOC 2, Type I audit report, which evaluates a company’s controls at a single point in time. The Type I report helps answer the question: are the security controls designed properly?
But achieving our Type I Report was only the beginning…
In January, we completed our SOC 2 Type II Report, which assesses how these controls function over a period of time. The Type II report helps answer the question: do the security controls a company has in place function as intended?
With our SOC 2, Type II Audit report completed, our customers can be confident that Sudozi enforces airtight internal security controls. This lays a foundation of security policies and processes that will allow Sudozi to continue to scale securely with our incredible customer base.
What's next?
Our achievement of the SOC 2 Type II audit report is just one milestone in Sudozi’s continuous efforts to provide the best security to our customers. Ensuring that the Sudozi platform is a safe and secure environment for customer data is a consistent effort and will always be a top priority.
Thank you to our customers for the continued support. We look forward to continuing to build the best finance platform and maintain trust with customers through unique data insights and robust data security.