Primary Contact: Eric M. Wright CPA, CITP

What can you tell us about your company/history of your company?

We are a secure communications software startup coming to a more mature level, 60 or so employees, globally, 在成立近五年之后.

Why did you want a Service Organization Control Report?

作为一家安全领域的公司, we felt it was important to pursue a third-party attestation of the work we were doing to ensure the security of our products and customers. Rather than vague statements about using or leveraging varying frameworks, 以及安全的承诺, an independent third-party examination of our security controls and effectiveness would go a lot farther. Specifically, we chose a SOC 2 report, as we had several FinTech deals in the pipeline, and the SOC 2 report resonates particularly well in that space, 以及被普遍接受.

Why is the SOC 2 Type 2 report valuable from your customers’ perspective?

As an independent third party, the auditors review our controls and posture. 不仅仅是二进制证书, 和其他标准一样, SOC 2报告允许潜在的利益相关者, 比如客户或投资者, to review, or have reviewed, the report, to ensure the control set is what they would expect for the product/company/service. 

Why did you choose to partner with Schneider Downs for your SOC report?

As a smaller business, at the front of the technology curve for our industry, we were really looking for a smaller firm we felt would have closer relationships. The larger firms we spoke to had a mentality we were afraid wouldn’t mesh well with us. 作为一个高度创新的产品和bet9平台游戏, we are very used to having to explain ourselves, 我想确定有人会听我的. Having met one of the audit leaders at Schneider Downs professionally, I was certain this would be
the case, and it was.

Can you describe your experience with Schneider Downs?

我对我们的经历非常满意. This was our initial report, and initial third-party examination. While we had prepared hard, there was some trepidation. The auditors, and the audit leadership made the process very smooth. As we encountered issues with evidencing certain controls, 我们能够讨论这些问题, and find a course of action to provide the documentation needed to prove the control effectiveness. 在现代敏捷系统中, 这并不总是最容易做到的, 但我们能够找到创造性的解决方案, together, 以达到提供报告的目标, 同时坚持相同的标准.

How has your SOC report process been beneficial?

到我们收到最终报告的时候, we had three customers waiting for it as part of their Due Diligence of us. Since then, we have used it numerous times to shorten conversations regarding security practices. That is, as third party surveys or Due Diligence has come up, we have simply provided the SOC 2 report for review. There are occasional questions that are beyond the scope of the report, but it is certainly easier than responding manually to every request. 这不仅仅是我们的陈述, but the word of seasoned SOC report practitioners, 只是减少了销售周期中的摩擦, 特别是对于我们所处的空间.

施耐德唐斯SOCbet9平台游戏

• SOC 1 Examinations
• SOC 2 Examinations
• SOC 3 Examinations
• SOC for Cybersecurity
• SOC for Supply Chains

关于施耐德唐斯SOCbet9平台游戏

Schneider Downs employs a unique approach to SOC reports, integrating the expertise of information technology, internal audit and external audit professionals. By combining cross-disciplinary knowledge and project management expertise, we are able to effectively deliver on our clients' expectations. If you are interested in learning how we can assist your organization, please contact us to get started or learn more about our practice at 089wbug3.945996.com/soc.