We are officially certified as a SOC 2 service organization, as defined by the American Institute of Certified Public Accountants (AICPA). SOC 2 certification means that JustFOIA underwent a System and Organization Control (SOC) 2 Type 2 audit by an external auditing firm.
What is SOC 2?
SOC 2 requires companies to establish and follow strict information security policies and procedures by encompassing security, availability, processing, integrity, and confidentiality of customer data. SOC 2 audits are conducted through an independent auditor to assure a business’ process, information technology, and risk management controls are properly designed.
A SOC 2 certification provides additional assurance for our customers. We are proud to adhere to one of the most stringent, industry-accepted auditing standards for SaaS companies!
The independent audit was conducted by Crowe LLP , one of the largest independent accounting and business consulting firms in the United States. This organization validated our software’s stringent security and governance controls.
Which Processes Get Reviewed in a SOC 2 Audit?
The official SOC 2 audit report provides a thorough review of processes relating to risk management, including:
- Internal Controls
- Access Management Policies
- Subservice (vendor) Due Diligence
- IT Infrastructure
- Software Development Lifecycle
- Change Management Procedures
- Logical Security
- Network Security
- Physical & Environmental Security
- Computer Operations
- Business Continuity and Disaster Recovery Plans
- Acceptable Use Policies
- Corporate Ethics
Top-Level Security for Public Records Management
“Successfully earning a SOC 2 Type 2 certification is a reflection of our commitment to ensuring our customers’ data is protected by the highest standards of data security, governance, and privacy,” said our President & CEO Donny Barstow. “This achievement, along with our FedRAMP authorized infrastructure on Microsoft Azure Government Cloud, means our customers can trust that we offer the industry’s most secure and easiest-to-use records request software available.”
To learn more about JustFOIA’s stringent security standards for public records management, visit our security assurance page or complete the form below to request a demo for your agency.