RightRev NewsMarch 14, 2023
Data security is a top priority and more critical than ever for businesses. RightRev understands the importance of managing your customer’s finance and business data. That’s why we built our revenue recognition software with best-of-breed security standards to provide value to our customers while strongly committed to ensuring data security.
In January 2023, we achieved our SOC 1, Type II and SOC 2, Type II final audit report. At its simplest, this means that we guarantee enterprise-level data security and adhere to the AICPA SOC standards for secure services. This is an important milestone in our efforts to bring the best security to RightRev’s revenue recognition automation software and reinforces our commitment to the data security of all customers.
SOC 1 (Service Organization Control 1) Type 2 compliance is a type of audit report issued by an external auditor for a service organization. This report evaluates the internal controls of a service organization that are relevant to financial reporting.
The SOC 1 Type 2 compliance report covers a specific period of time, typically 12 months, and is based on an examination of the service organization’s control activities. The auditor evaluates whether the controls are operating effectively and achieving their intended objectives.
The SOC 1 Type 2 compliance report is commonly used by service organizations to provide assurance to their customers and stakeholders that the internal controls in place are sufficient to protect their financial data. It is also used by customers and stakeholders to help them comply with regulatory requirements and to assess the effectiveness of the service organization’s internal controls.
SOC 2 Type 2 compliance is a certification that demonstrates a company’s adherence to the Service Organization Control (SOC) 2 standards. SOC 2 Type 2 is an audit that evaluates a company’s controls around five trust principles: security, availability, processing integrity, confidentiality, and privacy.
SOC 2 Type 2 compliance requires companies to have controls in place that ensure the security, availability, processing integrity, confidentiality, and privacy of the data they process and store. These controls must be evaluated over a period of time, typically six to twelve months, to ensure that they are consistently applied.
The SOC 2 Type 2 audit process involves a thorough review of a company’s policies, procedures, and practices related to these trust principles. The audit also includes testing to ensure that these controls are effective and operating as intended. Once a company has successfully completed the SOC 2 Type 2 audit, they can provide assurance to their customers that they have appropriate controls in place to protect their data.
Achieving SOC 1 Type II and SOC 2 Type II audit compliance is just one milestone in our continuous efforts to provide the best solution to our customers. Security and maintaining customer trust will always be a top priority for RightRev as we continue to build a best-in-class revenue recognition automation solution.
About the Author
Sreedhar leads RightRev’s Engineering team. He has more than two decades of engineering and client-facing experience. Sreedhar previously worked at IBM, Zuora, Aruba Networks – An HP Company, and Juniper Networks.