Warren Bennis once said, “Trust is the lubrication that makes it possible for organizations to work.” It is a fundamental factor for growth in all business relationships as less time is spent protecting oneself from being exploited and more towards productive outcomes.
With great dependency on SaaS (software-as-a-service) and cloud computing platforms, peoples’ worries surrounding online data security have also shot up. Revv decided to undergo the rigorous process of fulfilling SOC 2 compliance to continue to be a trusted partner for thousands of existing customers and the ones who will come on board in the future.
What is SOC 2 compliance and why is it required?
Companies must be reliable and trustworthy as they have access to customers’ important information. But, gaining this trust just by verbal promises is not feasible. Organizations need to abide by strict compliance standards like the SOC 2 developed by the American Institute of CPAs (AICPA). SOC 2 specifies how a company should handle its customer data to keep it protected, and its certification is issued by auditors.
The trust services criteria to be considered for the standard are – security, availability, processing integrity, confidentiality, and privacy.
The SOC 2 audit report of a service organization is a crucial document assessed by the security departments. This report reflects the organization’s ability to manage information security.
SOC 2 compliance is bifurcated as SOC 2 Type 1 and SOC 2 Type 2. Revv has strengthened its security by receiving SOC 2 Type 1 certification.
What is SOC 2 Type 1 certification?
The Type 1 certification revolves around the design of the security processes and structure in a company. It assesses the suitability and effectiveness of the design control.
A SOC 2 Type 1 audit report contains detailed information about a service company’s systems. It tells whether the design of the specified controls is appropriate as per the relevant trust services categories.
According to Revv’s auditor, Sensiba San Filippo LLP (SSF), Revv’s audit report did not have any noted exceptions and therefore was issued with a “clean” audit opinion.
We were motivated to build a security framework that would help our customers to leave their apprehension and doubts behind while sharing information with us. All the members of Revv participated with equal zeal and patience to build a SOC 2 Type 1 compliant system with a goal to keep customer data safe.
In an attempt to further solidify the security measures at Revv we will be beginning a SOC 2 Type 2 evaluation (6 month period) shortly.
We value your trust in us
Knowing your data is safe and secure brings mental peace and makes you more efficient. We strive to make Revv the most secure modern eSignature workflow automation platform for the customers who invest their trust, time, and valuable resources in our tool.