Fyle, a new-age spend management platform, announced today that it has achieved SOC 2 Type I compliance. The audit was conducted by Prescient Assurance, a leader in security and compliance audits for B2B, SaaS companies worldwide.
Read More: SalesTechStar Interview with Michael Ramsey, VP of Customer Workflow Products at ServiceNow
Fyle’s SOC 2 Type I audit report demonstrates that they manage their data with the highest security and compliance standard. They have the infrastructure, controls, and processes to protect customer data from unauthorized access, both from within and outside the firm. Fyle uses Sprinto to monitor processes continuously and stay compliant.
The SOC 2 is a technical audit created by the American Institute of Certified Public Accountants (AICPA) standards for Service Organizations. It measures the Security, Availability, Confidentiality, Processing Integrity, and Privacy of an organization’s data processing systems, and determines whether adequate safeguards and controls are in place.
Read More: SalesTechStar Interview with Todd Donahue, CFO at Ordergroove
“We are thrilled to receive the SOC 2 Type 1 certification, which further proves our commitment to keeping user data secure,” said Sivaramakrishnan Narayanan, CTO of Fyle. “The certification is a significant accomplishment and will become more crucial as we grow, giving us a competitive edge. Our customers can feel very confident that we are making every investment to establish and maintain the highest standard of security.” Fyle’s AI-powered spend management platform has enabled businesses in the US to close books faster by automating a large part of accountants’ manual work. Fyle instantly codes spend information, allocates it to the right categories, projects & cost centers, and directly integrates with accounting software like NetSuite, Sage Intacct, QuickBooks Online & Xero.
The recent achievement adds to the company’s already robust set of security measures. Fyle employs user authentication, SAML 2.0, data encryptions, role-based access controls, and more to enable continuous control. Additionally, they are fully GDPR compliant. An external auditor routinely tests all applications, infrastructure, and security processes for vulnerabilities every 6 months, with industry-standard testing methods.