Skip to main content

SOC 2 certification

Kisi is SOC 2 certified. SOC 2 (System and Organization Controls 2) is a globally recognized auditing standard developed by the American Institute of Certified Public Accountants (AICPA). This certification is a formal evaluation and attestation of Kisi's controls over the security, availability, processing integrity, confidentiality, and privacy of customer data.

What SOC 2 means for you

SOC 2 certification demonstrates that Kisi has implemented and maintains effective controls for protecting customer data. The certification covers five key trust service criteria:

  • Security: Protection against unauthorized access
  • Availability: System operational availability as committed
  • Processing integrity: Complete, accurate, timely processing
  • Confidentiality: Protection of confidential information
  • Privacy: Personal information protection and privacy controls

Benefits of being SOC 2 certified

  1. Security controls: Comprehensive assessment of security controls.
  2. Trust and assurance: Provides trust and assurance to customers.
  3. Compliance framework: Meets regulatory and industry compliance.
  4. Data protection: Demonstrates commitment to protecting customer data.
  5. Independent auditing: Conducted by certified third-party auditors.
  6. Risk management: Evaluates and mitigates security risks.
  7. Continuous improvement: Promotes ongoing enhancement of security practices.
  8. Transparent reporting: Detailed reports on control effectiveness.

Additional certifications

In addition to SOC 2, Kisi also maintains ISO 27001 certification, which provides a comprehensive information security management framework. Both certifications are validated by independent third-party auditors through annual compliance audits.

Ongoing compliance

Our SOC 2 certification is maintained through:

  • Annual compliance audits by independent third-party auditors
  • Continuous monitoring of security controls and processes
  • Annual penetration tests and security assessments
  • Employee training and security awareness programs
  • Incident response and management procedures

Security assessments

As part of our SOC 2 compliance program, Kisi conducts annual penetration tests by certified third-party security firms. These assessments ensure our security controls remain effective and help us continuously improve our security posture.