Sustain.Life, is pleased to announce that it has officially completed its SOC 2® Type 2 assessment as of January 12, 2023. The company values the importance of protecting and securing sensitive customer data. The SOC 2 audit was conducted by leading compliance assessor A-LIGN, a technology-enabled security and compliance partner trusted by more than 2,500 global organizations to help mitigate cybersecurity risks.
“Achieving SOC 2 compliance is no small feat. It required extensive audits and testing of our security controls to ensure that they are robust and resilient,” said Mark Schechter, vice president, of infrastructure and security at Sustain.Life. “We are proud of the work that we have done to achieve compliance, and we are confident that our clients will feel secure knowing that their carbon accounting data is being protected to the highest standards.”
“A SOC 2 audit is a statement about an organization’s commitment to protecting their information,” said Stephanie Oyler-Rankin, SOC practice lead at A-LIGN. “As a trusted third-party assessment firm, A-LIGN independently evaluates client data processes and procedures, governance on internal controls and security posture. Sustain.Life’s SOC 2 report validates its commitment to data security and protection, as well as compliance with critical standards to mitigate cybersecurity threats.”
Established by the American Institute of Certified Public Accountants (AICPA), the SOC 2 examination is designed for organizations of any size, regardless of industry and scope, to ensure the personal assets of their potential and existing customers are protected. SOC 2 reports are recognized globally and affirm that a company’s infrastructure, software, people, data, policies, procedures, and operations have been formally reviewed.
What is a SOC 2 report?
A SOC 2 report addresses risks associated with the handling and access of data, and can be used by a variety of organizations of any size (e.g., SaaS, colocation, data hosting, etc.). Rather than a cybersecurity assessment that evaluates specific technical configurations, a SOC 2 report focuses more on how an organization implements and manages controls to mitigate the identified risks to the different parts of an organization.