SOC 2 Type II

Service Organization Controls

AICPA SOC Logo

SOC 2 Type II Certification

SOC (Service Organization Controls) certifications are the internal data protection controls that are implemented at a third-party service organization. SOC certifications protect the systems or data that are being accessed by third-parties.

SOC 2 Type II reports are the most comprehensive SOC certifications. A company that has achieved SOC 2 Type II certification is taking a proactive approach and investing in keeping its clients’ data secure. For service providers working with cloud and IT services, this certification is critical for their regulators, examiners, and auditors.

Typically, an MSP will choose to be evaluated against the security, availability, and confidentiality categories. Data security is critical to the livelihood of MSPs, and taking a proactive approach with critical controls is a huge differentiator from competitors.

Achieving SOC 2 Type II compliance takes a dedicated compliance team, regular audits, and engaging an independent third party to produce bi-annual reviews. The costs can easily reach hundreds of thousands of dollars.

Tehama’s SOC 2 Type II controls are audited on Security, Availability and Confidentiality

Tehama has 107 controls built into the platform, making SOC 2 Type II compliance a lot easier and affordable for an MSP or Service Provider.