We're excited to announce today that the Secoda has successfully completed its SOC 2 audit. SOC 2 engagements are based on the AICPA’s Trust Service Criteria. SOC 2 audit reports focus on a Service Organization’s non-financial reporting controls as they relate to Security, Availability, Confidentiality, Processing Integrity and Privacy of a system. The audit was conducted by Dansa D’Arata Soucia LLP (www.darata.com). In doing so Secoda maintains its adherence to one of the most stringent, industry-accepted auditing standards for service companies and provides additional assurance to its clients, through an independent auditor, that its business process, information technology and risk management controls are properly designed.
The official audit report provides a thorough review of Secoda internal controls, policies, and processes for it's knowledge management system for data teams. It also reviews Secoda's processes relating to risk management and subservice (vendor) due diligence, as well as Secoda's entire IT infrastructure, software development life cycle, change management, logical security, network security, physical; environmental security, and computer operations.
"We are pleased that our SOC 2 report has shown that we have the appropriate controls in place to mitigate risks related to the services we provide to our customers,” said Andrew McEwen, Secoda's CTO . “Implementing strong cybersecurity controls for a SOC 2 audit has reduced the risk of a significant data breach involving customer data and has helped our team implement leading standards from day 1.”