What is the SOC 2 Audit?
The Service Organization Control (SOC) 2 audit is a popular security and risk framework originating from North America to evaluate how cloud-based service providers handle security and company data. It covers both the suitability of a company’s controls and its overall operational effectiveness. While the SOC 2 audit is not required by law or mandated within any industry, it shows a company’s commitment to security, privacy, and transparency for their customers.
What is the SOC 3 Report?
The SOC 3 report is a public report that is earned by a company when there are no issues or deviations found in the SOC 2 audit.
What This Means for TIE Kinetix
TIE Kinetix had an independent assessment in order to earn these certifications for its FLOW Partner Automation platform. During the assessment, TIE Kinetix’s systems were sampled and tested for security, availability, and confidentiality. Additionally, the company provided documentation on its safeguards and controls and provided proof that these standards were consistently upheld for the period of August 1st, 2021, to July 31st, 2022.
After successfully completing the SOC 2 audit, TIE Kinetix then received the SOC 3 report. This report is available publicly upon request.
The SOC certifications evaluate whether a company meets the standards of security, availability, processing integrity, confidentiality, and privacy. These standards were set by the ASEC Trust Information Integrity Task Force.
What This Means for Our Customers
As data breaches continue to hurt the supply chain, TIE Kinetix is committed to ensuring minimal risk for customers who are users of our FLOW Partner Automation platform, which is a digitalization system that is hosted 100% in the Azure Cloud. The SOC certifications are further proof that the company is willing to go the extra step in order to maximize security and assuage customer fears of supply chain attacks.
Importance of Security
Prior to this achievement of SOC 2 and SOC 3 certification, TIE Kinetix had already implemented and achieved multiple ISO certifications. As an international company, TIE Kinetix undergoes yearly ISO 27001, ISO 27017, and ISO 27018 audits and will continue to uphold that certification as well. On top of certifications, TIE Kinetix has anticipated our clients’ (future) needs, where more and more outsourcing is becoming the standard. As a result, the need for assurance increases as well.
SOC Certifications and ESG Targets
In 2022, TIE Kinetix restructured its goals to ensure that the company met certain environmental, social, and governance (ESG) standards, while also maintaining our security standards for our customers. By completing the SOC 2 audit and receiving the SOC 3 report, we are contributing to our ESG goals by continuously evaluating and improving our internal processes in order to minimize risk for our customers. You can find more about our ESG targets here.
While we develop our solutions, and especially when it comes to our goal of offering a next-generation EDI solution, we continue to invest in security. Participating in the SOC audit was only one step in ensuring that our business infrastructure is sustainable for both partners and customers–while we make the conscious effort to improve in all other areas as well.
The SOC certifications are not the final step in our security journey; in fact, we’re far from the end. We’ve been ISO 27017 and ISO 27018 certified for over a year now, in addition to our already existing ISO 27001 certification, which demonstrates our commitment to ensuring minimal security risks to our customers. As new ESG laws are put into effect and more pressure is put on companies all over the world to improve their sustainability practices, we will continue to improve our technology and business processes to meet these standards.