SOC 2 Type 2 Certification Achieved

blog page on tablet

We are officially certified as a SOC 2 service organization, as defined by the American Institute of Certified Public Accountants (AICPA). SOC 2 certification means that JustFOIA underwent a System and Organization Control (SOC) 2 Type 2 audit by an external auditing firm.

What is SOC 2?

SOC 2 requires companies to establish and follow strict information security policies and procedures by encompassing security, availability, processing, integrity, and confidentiality of customer data. SOC 2 audits are conducted through an independent auditor to assure a business’ process, information technology, and risk management controls are properly designed.

A SOC 2 certification provides additional assurance for our customers. We are proud to adhere to one of the most stringent, industry-accepted auditing standards for SaaS companies!

The independent audit was conducted by Crowe LLP , one of the largest independent accounting and business consulting firms in the United States. This organization validated our software’s stringent security and governance controls.

Which Processes Get Reviewed in a SOC 2 Audit?

The official SOC 2 audit report provides a thorough review of processes relating to risk management, including:

  • Internal Controls
  • Access Management Policies
  • Subservice (vendor) Due Diligence
  • IT Infrastructure
  • Software Development Lifecycle
  • Change Management Procedures
  • Logical Security
  • Network Security
  • Physical & Environmental Security
  • Computer Operations
  • Business Continuity and Disaster Recovery Plans
  • Acceptable Use Policies
  • Corporate Ethics

Top-Level Security for Public Records Management

“Successfully earning a SOC 2 Type 2 certification is a reflection of our commitment to ensuring our customers’ data is protected by the highest standards of data security, governance, and privacy,” said our President & CEO Donny Barstow. “This achievement, along with our FedRAMP authorized infrastructure on Microsoft Azure Government Cloud, means our customers can trust that we offer the industry’s most secure and easiest-to-use records request software available.”

To learn more about JustFOIA’s stringent security standards for public records management, visit our security assurance page or complete the form below to request a demo for your agency.