Inriver SOC 2 compliance

Avatar
Daniel Silva
  • Updated

Sections in the article

    Inriver is SOC2 compliant.

     What is SOC 2?

    System and Organization Controls (SOC) 2 is an auditing procedure developed by AICPA that defines criteria for managing various aspects of security and customer data. There are five Trust Services Criteria (TSC):

    • Security
    • Availability
    • Processing Integrity
    • Confidentiality
    • Privacy

    The TSCs Security and Availability are recommend as most relevant for SaaS providers in our industry as they provide significant benefits and security for the SaaS provider and their customers (for example, management of personal data is covered by these TSCs).

    Organizations are audited by 3rd party auditors like Kompleye or Deloitte with two standards (or Types) of compliance audited:

    • SOC 2 Type I
    • SOC 2 Type II

    inriver views SOC 2 compliance as a crucial way to demonstrate that we are a security-conscious SaaS provider that provide the highest level of trust for prospective and existing customers.

    Differences in SOC 2 type I and SOC 2 type II

    SOC 2 Type l audits measure an organization’s ability to meet the desired TSCs based on the design and implementation of its controls, policies, and procedures. Type I audits are often referred to as a “snap-shot” of an organization’s compliance to SOC 2 standards.

    SOC 2 Type ll audits measure the organization’s effectiveness in applying its controls over a specific period of time (usually a year), the assessment of any possible risks, and the suitability of any plans to mitigate such risks appropriately.

     

    What does it mean for customers that inriver is SOC2 compliant?

    inriver SOC 2 Type II demonstrates inriver’s commitment to protecting & securing our customer's data, as well as our appetite and commitment for continuous improvement of our services and the entire structure surrounding it.

    With SOC 2 Type II compliance, organizations can be assured that inriver is operating to the highest industry standards by responsibly and proactively managing the risks inherent with providing a SaaS solution.

    Further reading

    Please visit inriver’s Trust Center to learn more about our security posture and compliance frameworks.

    Was this article helpful?

    Still need help? contact us

    Related articles

    Comments

    0 comments

    Please sign in to leave a comment.