We are delighted to announce that Forcepoint has received an AICPA SOC Type 2 report to add further depth to its Cloud Trust Program. AICPA (The Association of International Certified Professional Accountants) SOC standards establish the framework for examining controls at a service organization: SOC 1 reports focus on financial reporting, while SOC 2 and 3 reports focus on nonfinancial reporting controls relating to security, availability, processing integrity, confidentially, and privacy. SOC 2 also examines the details of datacenter testing and operational effectiveness.
This most recent audit was conducted by an independent audit body (Coalfire) approved by AICPA, and involves a rigorous review of Forcepoint’s Cloud security controls. The AICPA SOC 2 Type II audit included a full assessment of a company’s Cloud infrastructure, software, people, procedures, and data.
AICPA SOC 2 reporting was specifically developed for cloud computing, SAAS and IT managed services, and addresses the five “Trust Services Principles”; security, availability, confidentiality, processing integrity and privacy.
What does SOC 2 mean for our customers?
In certain markets and geographies a SOC 2 report is required to do business. While our other certifications within our Cloud Trust Program including ISO 27001:2013 , ISO 27018:2014 (Cloud Privacy) and Cloud Security Alliance STAR bring value globally, the SOC 2 report delivers assurance for customers with stringent vendor due diligence programs.
Forcepoint continues to deliver best practice and build momentum with the combination of our strong partner community and world-class solution capabilities that organizations need in order to secure their cloud applications.