As the platform on a mission to make consent-based marketing the best method for customer acquisition, ActiveProspect is committed to meeting industry-recognized security standards for the benefit of our customers and the protection of their data. 

That’s why we’re excited to announce we have successfully completed our SOC 2 Type II Audit for the Trust Services Criteria of Security and Availability!

What does SOC 2 mean?

SOC stands for Service Organization Controls (SOC). This comprehensive Trust Services Criteria framework was developed by the American Institute of Certified Public Accountants (AICPA) and the Information Systems Audit & Control Association (ISACA) to better assess the growing shared reliance of IT technical controls performed by service organizations. 

According to the AICPA and ISACA, these reports are intended to meet the needs of a broad range of users who need detailed information and assurance about the controls at a service organization relevant to security, availability, and processing integrity of the systems the service organization uses to process users’ data, as well as the confidentiality and privacy of the information processed by these systems.

An SOC 2 audit is completely voluntary, meaning that businesses who choose to undergo this lengthy and tedious process do so to build the ultimate level of trust and confidence with their customers and prospects through this security compliance framework. It’s similar to the reason that businesses choose to become ISO 27001 compliant, in that adhering to any of these recognized, security-focused standards will set you above less prepared competitors.

What is an SOC 2 Type II report?

An SOC 2 Type II report is the result of an AICPA / ISACA framework which aims to provide an independent evaluation of a service organization’s performance of key trust services criteria controls related to security, availability, processing integrity, confidentiality, and privacy.  

It includes a detailed description of the service organization’s environment, applications, services, controls, independent auditor’s tests, observations, and an overall opinion on the design and operational effectiveness of those controls.

What does our SOC 2 Type II report mean for you?

This SOC 2 Type II Audit demonstrates our commitment to an independent evaluation of ActiveProspect’s policy, procedures, and controls relating to the trust services criteria of security and availability in our important role as a Service Organization for our clients. Completion of this SOC 2 Audit and the ongoing annual commitment to annual independent assessment shows that ActiveProspect is focused on and fully committed to secure handling and processing of our clients’ and partners’ data. 

How do I know ActiveProspect will continue to remain SOC 2 compliant?

As technology and security practices continue to evolve at a rapid pace, SOC 2 audits are conducted annually. Our security, compliance, product development, DevOps, and engineering teams are committed to ongoing monitoring, reviews of our platform, and enforcement of our policies and procedures.If you still have questions, please don’t hesitate to reach out and contact us here.