Skip to content
English - United States
Contact us
  • There are no suggestions because the search field is empty.

What is SOC2 Compliance?

Covet is SOC2 Type II compliant. But what does that mean? In short, it demonstrates to customers and partners that Covet follows best practices in security and data protection. Here's how...

When a company is SOC 2 Type II (SOC II) compliant, it means that it has undergone an audit to ensure it meets the Service Organization Control 2 (SOC 2) standards set by the American Institute of Certified Public Accountants (AICPA).

Key Points About SOC 2 Type II Compliance:

  • Focus on Security & Data Protection: SOC 2 compliance evaluates how a company safeguards customer data, particularly for cloud-based and SaaS providers.
  • Trust Services Criteria (TSC): The audit assesses Security, Availability, Processing Integrity, Confidentiality, and Privacy of the system.
  • Type II vs. Type I:
    • SOC 2 Type I: Evaluates controls at a single point in time.
    • SOC 2 Type II: Assesses controls over a period of time (usually 3-12 months) to ensure consistent effectiveness.
  • Independent Third-Party Audit: A CPA firm or independent auditor verifies the company's adherence to SOC 2 standards.
  • Customer Assurance: Demonstrates to customers and partners that the company follows best practices in security and data protection.

See also "Are My Assets and Information Publicly Available?"