System and Organization Controls (SOC) 2

System and Organization Controls (SOC) 2 reports are independent third-party examination reports that demonstrate how an organization achieves key compliance controls and objectives.

SOC 2 reports are based on the Auditing Standards Board of the American Institute of Certified Public Accountants (AICPA) existing Trust Services Criteria (TSC). The purpose of the report is to evaluate an organization’s information systems relevant to security, availability, processing integrity, confidentiality, and privacy.

SyncEzy undergoes rigorous independent third-party SOC 2 audits conducted by a reputable certified public accountant (CPA) firm to certify individual products on a regular basis. The audit firm evaluates whether SyncEzy’s compliance controls are designed appropriately, were in operation on a specified date, and were operating effectively over a specified time period.

Both SOC 2 and SOC 3 reports are attestation examinations that are conducted in accordance with the SSAE 18 standard, specifically sections AT-C 105 and 205, governed by the AICPA. The main difference is SOC 2 is a restricted use report and SOC 3 is a public-facing report.

FAQs about Soc2

SOC 2, aka Service Organization Control Type 2, is a cybersecurity compliance framework developed by the American Institute of Certified Public Accountants (AICPA). The primary purpose of SOC 2 is to ensure that third-party service providers store and process client data in a secure manner.

Request SOC 2 Documentation

Software Partnerships

Let us Automate your business!

We have a team ready to answer any questions and help you get started. Drop your details here and we'll get back to you within 24 hours.