System and Organization Controls (SOC), defined by the American Institute of Certified Public Accountants (AICPA), are rigorous security compliance standards to validate that the technology systems of organizations are set up to assure security, availability, processing integrity, confidentiality, and privacy of customer data.
In February 2021, Vretta successfully completed the rigorous audits related to the following two SOC compliance standards:
SOC 1 Type 2: Controls validate the fairness of the management’s description of technology systems, the suitability of the designs, and the operating effectiveness of the Internal Control over Financial Reporting (ICFR).
SOC 2 Type 2: Controls addressed by five Trust Service Principles: Privacy, Security, Availability, Processing Integrity, and Confidentiality. This audit validates the assurance of the controls used to process user data and the confidentiality and privacy of the information processed by the technology systems. The controls play an important role in the vendor management programs, internal corporate governance and risk, management processes, and regulatory oversight.
“The SOC certifications reinforce Vretta’s continued commitment to the security, availability, processing integrity, confidentiality, and privacy of data of our e-assessment and learning solutions,” says Zach Williams, Director of Technology at Vretta. He adds “Our SOC certifications in conjunction with our ISO 27001 compliance are testament of our commitment to establishing and maintaining the highest level of security and compliance in the industry.”
To learn more about how Vretta is maintaining the security and integrity of our solutions, email firstname.lastname@example.org.