SOC 2 Type II Compliance
To maintain the high organizational and security standards that Creative Force is built on, we made it a necessity to receive our SOC 2 Type II certification. We did this to ensure our clients that their data is safe.
What is SOC 2?
SOC stands for "system and organization controls." The controls are a set of standards for measuring just how well a company regulates and keeps its information safe. When engaging with third-party vendors, the SOC 2 certification may bring peace of mind that your company's data is safe and secure.
SOC 1, 2, and 3
SOC 1: Simply put, these reports focus on the organization’s controls related to financial reporting.
SOC 2: These are more in-depth reports expanding on the financial reporting of SOC 1. They also require standard operating procedures for organizational oversight, vendor management, risk management, and regulatory oversight.
A SOC 2-certified service organization is for more advanced IT providers and SaaS (software as a service) companies, like Creative Force.
SOC 3: While it has the highest number, it's actually a simplified version of SOC 2 reports and requires less formalized documentation.
Type I and II
On top of the certification, there are also two 'types':
Type I: This is a report concerning policies and procedures at a specific moment. A snapshot of the company.
Type II: These are a little more in-depth, reporting policies and procedures over a specified time period. At a minimum, systems are evaluated for six months.
The Trust Services Principles
Finally, SOC 2 framework includes five specific criteria to focus on that include:
- Security of the system
- Processing integrity of the system
- Availability of the system
- Privacy of the system
- Confidentiality of information processed
What does this mean for you?It means that your sensitive data is safe with Creative Force. The SOC 2 Type II certification is the most comprehensive certification in the Systems and Organization Controls protocol.
One of the most essential pieces of receiving this SOC 2 Type II certification is the external approval of our internal procedures. Many talented employees perform high-quality work and compliance in their day-to-day operations to ensure that all of our client's data is safe.
SOC 2 is helping our organization set and maintain incredibly high standards throughout our operations.
To learn more about our SOC 2 journey, click here.