Depix receives SOC2 Type II Certification

What is SOC® 2 Type II

SOC 2® – SOC for Service Organizations: Trust Services Criteria (Reporting on Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality, or Privacy) These reports address controls relevant to security, availability, and processing integrity of the systems the service organization uses to process users’ data and the confidentiality and privacy of the information these systems process. They provide a level of detail sufficient to address the user’s vendor risk management needs and are restricted to specified parties with sufficient knowledge and understanding of the service organization’s system and the nature of services it provides.

Examples of service organizations that routinely obtain, process, and transmit customer data include those that provide customer support, health care claims management and processing, enterprise IT outsourcing, e-commerce SaaS applications, managed security, financial technology services, and ESG metric services.

The two types of SOC 2 reports are:

• Type 1 – A report on management’s description of the service organization’s system and the suitability of the design of the controls to provide reasonable assurance that the service organization’s principal service commitments and system requirements were achieved based on the applicable trust services criteria;

• Type 2 – A report on management’s description of the service organization’s system and the suitability of the design and operating effectiveness of the controls to provide reasonable assurance that the service organization’s principal service commitments and system requirements were achieved based on the applicable trust services criteria throughout a specified period.