Hyarchis has received the industry-standard SOC 2 Type 1 certification in July and will start on obtaining SOC 2 Type 2 in September. SOC 2 is a compliance standard for service organizations and reports on controls related to security, availability, processing integrity, confidentiality or privacy.
A SOC 2 Type 1 (Type I report) audit tests the design of a compliance program. Typically, an external auditor will check to see that a company has identified and documented the controls it has in place, and provides sufficient evidence that these controls are functional.
A Type 1 report assesses compliance at a single point in time. A Type II report, on the other hand, tests not only the compliance program but also the operating effectiveness of controls over time. Usually, a Type 2 audit assesses compliance over a six to 12-month review period.
Clients of financial service companies like Hyarchis increasingly ask their suppliers to demonstrate their processing integrity and confidentiality of customer data, says Aurelijus Butkus, DevOps Manager: “SOC 2 Type 1 certification is a way to signal to potential customers that data is safe in the hands of a compliant company. Now that we have SOC 2 Type 1 certification, we can engage larger and more security-conscious organizations with our services.”