As the platform on a mission to make consent-based marketing the best method for customer acquisition, our team at ActiveProspect is committed to meeting industry recognized  security standards for the benefit of our customers and the protection of their data. 

That’s why we’re thrilled to announce we have successfully completed our SOC2 Type II  Audit for the Trust Services Criteria of Security and Availability!

If you’re wondering what exactly SOC2 stands for, and more importantly, what it means for clients that trust ActiveProspect to protect their business data, keep reading to find the answers to all your questions.

What does SOC2 mean?

SOC stands for Service Organization Controls (SOC). This comprehensive Trust Services Criteria framework  was developed by the American Institute of Certified Public Accountants (AICPA) and the Information Systems Audit & Control Association (ISACA), to better assess the growing shared reliance of IT technical controls performed by service organizations. 

According to the AICPA and ISACA, these reports are intended to meet the needs of a broad range of users that need detailed information and assurance about the controls at a service organization relevant to security, availability, and processing integrity of the systems the service organization uses to process users’ data, and the confidentiality and privacy of the information processed by these systems.

A SOC2 audit is completely voluntary, meaning that businesses who choose to undergo this lengthy and tedious process do so to build the ultimate level of trust and confidence with their customers and prospects through this security compliance framework.

What is a SOC2 Type II report?

A SOC2 Type II report is the result of an AICPA / ISACA framework which aims to provide an independent evaluation of a service organization’s performance of key trust services criteria controls related to security, availability, processing integrity, confidentiality and privacy.  

It includes a detailed description of the service organization’s environmental, applications, services, controls, independent auditor’s tests, observations, and an overall opinion on the design and operational effectiveness of those controls.

What does our  SOC2 Type II report mean for you?

This SOC2 Type II Audit demonstrates our commitment to independent evaluation of ActiveProspect’s policy, procedures and controls relating to the trust services criteria of security and availability in our important role as a Service Organization for our clients.  Completion of our first SOC2 Audit and the ongoing annual commitment to annual independent assessment shows that ActiveProspect is focused on and fully committed to secure handling and processing of our clients and partners data. 

How do I know ActiveProspect will continue to remain SOC2 compliant?

SOC2 audits are conducted annually, as technology and security practices continue to evolve at a rapid pace. Our security, compliance, product development, devops, and engineering teams are committed to ongoing monitoring, reviews of our platform and enforcement of our policies and procedures.

If you still have questions, please don’t hesitate to reach out and contact us here.