What does SOC 2 Type II mean and how does it affect me?

What is it?

The Question arises of what exactly SOC 2 Type II security certification is, and I am here to answer it. The SOC 2 Type II Report is "designed for the growing number of technology and cloud computing entities that are becoming very common in the world of service organizations," according to ssae-16.com. To get this issued to an organization, it will be followed by a 6-12 month audit of every facet of the organization; including the financial stability and longevity of the company, documenting every procedure, firewall security, disaster recovery, secure protocols for database access, and ensuring security compliance among all employees.

Having a SOC 2 report means the data is stored and processed securely and usually reserved for financial institutions for the level of encryption. The difference between a SOC 1 and SOC 2 report is SOC 1 reports are "important components of user entities' evaluation of their internal controls over financial reporting for purposes of complying with laws and regulations," (aicpa.org), whereas SOC 2 reports "are intended to meet the needs of a broad range of users that need to understand internal control at a service organization as it relates to security, availability, processing integrity, confidentiality, and privacy." (aicpa.org). A company with SOC 2 Type II audit report can offer comprehensive data security.

Does it matter for me?

How does this affect me? If your company uses a partner for collection, processing, and retention of sensitive information it is best practice to make sure the data is secure, as well as asking other pertinent information for your specific capital project planning needs. SOC 2 Type II is paramount for owners dealing with capital construction projects that need to manage multiple moving parts. Knowing that your data is secure and that it does not contain vulnerabilities similar to other enterprise software that can have issues with role authentication and budgetary information is crucial. Because Projectmates software is role based and data is kept in protected locations with secure encryption you can rest assured that your data is safe and projects are optimized with the best solution available.

Do you value?

If you answered yes to the above make sure to inquire about the latest audit and the prospective partner is SOC 2 Type II compliant. Projectmates is proud to be SOC 2 Type II certified.

Related Articles

Ready to see how Projectmates can help you?

Request additional information or arrange a
personalized demo to get a first-hand look today.