It’s Official, We’re AICPA SOC2 Type I Certified!

SOC certification confirms our ability to keep customer information secure, resulting in a greater level of trust for clients who work with Sourcepass

December 22th, 2022 – Sourcepass is proud to announce that we have passed our SOC2 Type 1 Audit and are now officially SOC2 Type 1 certified! Here’s what our customers should know about this exciting milestone.

What is AICPA SOC2 Type 1 Certification?
Service Organization Control (SOC) 2 certification is a widely accepted security framework relevant to many regulated industries, including technology service providers, who wish to meet standards set forth by the American Institute of Certified Public Accountants (AICPA) and a variety of other institutions. The SOC 2 certification demonstrates that systems for processing customer and client data properly protects the privacy and security of this information and is based on the five Trust Service Criteria (TSC), Security, Availability, Processing Integrity, Confidentiality, and Privacy. A SOC2 certification is awarded to a company once an external auditor completes a comprehensive assessment of compliance with the above-mentioned TSCs.

How Does Having AICPA SOC2 Type 1 Certification Benefit Our Clients?
Our SOC2 Type I certification provides a new level of verification of our security processes. IT processes and operational procedures that we perform have been optimized, revised, renewed, documented, and verified in earning this certification. From a customer perspective, SOC certification establishes an organization’s ability to keep customer information secure, resulting in a greater level of trust when working with organizations like Sourcepass that have achieved SOC2 Type I certification.

Moving Forward Fast! Sourcepass Eyes SOC2 Type 2 Certification
SOC2 Type 1 certification means that an external auditor has assessed our organization’s scope and design of internal control processes in relation to relevant TSCs. However, this report only evaluates controls at a certain point in time without monitoring performance over a period of time. SOC2 Type 2 certification can only be achieved after the external auditor examines the operating effectiveness of these controls over a specified period of time, usually around 6 months.

We are now preparing to achieve SOC2 Type 2 compliance certification as soon as the first half of 2023! This effort will have an emphasis on real-time walkthroughs of our various processes and deliverables in an in-depth, “Show-me” part of the objective, and we look forward to the challenge!

Michael Ducsak is the Sourcepass Chief Information Security Officer. Reach out to Mike at (877) 678-8080.