Skip to main content

SOC 2

SOC 2 is a standard created by the AICPA (Association of International Certified Professional Accountants). SOC stands for System and Organization Controls (formerly Service Organization Controls). This standard is used to evaluate a service organization’s adherence to one or more trust services criteria.

How do I get a copy of Sevalla’s SOC 2 report?

Visit our Trust Report page and click any of the request access buttons. In the modal/pop-up that appears, enter the requested information, review and accept our Confidentiality and Non-Disclosure Agreement (NDA), and click Request access to submit your request. If you only need access to one doc, select “Access to individual documents” and choose the document(s) you want. If you need access to all of the documents, leave “Full access” selected in the form.

What is SOC 2 certification?

When discussing SOC 2 compliance, it is sometimes incorrectly referred to as “certification.” No certificate is issued for SOC 2 compliance, so it isn’t really a certification. Instead, a report is created that details the organization’s compliance with one or more SOC 2 trust services criteria.

Who decides if you’re compliant?

An independent auditor evaluates the service organization’s compliance with one or more SOC 2 trust services criteria. This evaluation is performed at either a specific point in time (Type I) or over a period of time (Type II). BARR Advisory is Sevalla’s auditor, and Vanta is our GRC (Governance, Risk Management, and Compliance) Management Software.

What are the different types of SOC 2 reports?

A Type I report describes the security measures in place at a specific point in time. A Type II report (the type of report we have at Sevalla) assesses the effectiveness of those security measures over a period of time.

What are trust service criteria?

The five trust services criteria (formerly Trust Services Principles) are:

  • Security
  • Availability
  • Processing integrity
  • Confidentiality
  • Privacy

Why is SOC 2 compliance important?

When evaluating a service provider for your website, application, or database, you need to know that you can trust them with your data. Our SOC 2 compliance report provides independent proof of our commitment to security. It shows that we have established security procedures and adhered to those procedures over time.