We are proud to announce that Knowmadics was awarded SOC 2 Type 2 certification for its 360° Aware® platform. SOC 2 Type 2 compliance gives Knowmadics’ customers a high level of assurance. To achieve this certification, we passed a thorough examination of our internal control policies and practices, conducted by an approved outside auditor.
Developed by the American Institute of CPAs (AICPA), a SOC 2 Type 2 certification defines criteria for managing customer data based on these five “trust service principles:” Security, Availability, Processing Integrity, Confidentiality, and Privacy.
This principle is commonly applied to all engagement and addresses where the system protects against unauthorized access. Access controls can prevent security breaches such as disclosure of information, misuse of software, unauthorized removal of data, and potential system abuse.
The Availability principle refers to the accessibility of a system, product, or service as specified in a contract or service level agreement. It typically applies to firms providing services such as colocation, hosting, and data center to clients. In short, it demands that we ensure that our system is available for operation and utilization as agreed upon in the contract.
The Processing Integrity principle pertains to our system achieving its purpose of delivering the right data at the right time and at the right price. It refers to complete, valid, accurate, timely, and authorized data.
This principle addresses agreements that Knowmadics has with our clients regarding the use, access, and protection of information.
The Privacy principle addresses how third-party vendors collect and use personal information. It takes into consideration the disclosure and disposal of data in line with the privacy notice of the organization, as well as the criteria expressed in the generally-accepted privacy principles of the AICPA. Personal information include details such as name, address, and social security number of an individual.
With our SOC 2 Type 2 report, we are sending a powerful message to our customers: we apply elite best practices on data security and control systems.