SignWell, a leading cloud-based electronic signature software company, maintains effective security controls according to recent SOC 2 Type 2 report.
SignWell, a leading cloud-based electronic signature software company, announced that the company has undergone a System and Organization Controls (SOC) 2 Type 2 examination resulting in a CPA’s report stating that management of SignWell maintained effective controls over the security, availability of its electronic signature system. The engagement was performed by BARR Advisory, P.A.
Read More:Â Â Setting Records, Walmart Continues Moving Toward Becoming a Totally Renewable Business
A SOC 2 report is designed to meet the needs of existing or potential customers who need assurance about the effectiveness of controls used by the service organization to process customers’ information.
“We are pleased that our SOC 2 Type 2 report has shown we have the appropriate controls in place to mitigate risks related to security, availability, and confidentiality,” said SignWell Founder, Ruben Gamez. “While security and protecting our customers’ data are always our focus, during the rigorous audit, SignWell has provided evidence of its implemented security solutions and data protection methodology, demonstrating our commitment to providing a reliable and secure electronic signature platform.”
Read More:Â Â SalesTechStar Interview with Mark Magnacca, President and Co-founder at Allego
The following principles and related criteria have been developed by the American Institute of CPAs (AICPA) for use by practitioners in the performance of trust services engagements:
- Security: The system is protected against unauthorized access (both physical and logical).
- Availability: The system is available for operation and use as committed or agreed.
- Confidentiality: Information designated as confidential is protected as committed or agreed.
A SOC 2 Type 2 report is an internal control report on the services provided by a service organization to its customers and provides valuable information that existing and potential customers of the service organization need to assess and address the risks associated with an outsourced service.
Read More:  Remote Work Doesn’t Mean The Risk Is Remote