SOC 2 certification
Kisi is SOC 2 certified. SOC 2 (System and Organization Controls 2) is a globally recognized auditing standard developed by the American Institute of Certified Public Accountants (AICPA). This certification is a formal evaluation and attestation of Kisi's controls over the security, availability, processing integrity, confidentiality, and privacy of customer data.
What SOC 2 means for you
SOC 2 certification demonstrates that Kisi has implemented and maintains effective controls for protecting customer data. The certification covers five key trust service criteria:
- Security: Protection against unauthorized access
- Availability: System operational availability as committed
- Processing integrity: Complete, accurate, timely processing
- Confidentiality: Protection of confidential information
- Privacy: Personal information protection and privacy controls
Benefits of being SOC 2 certified
- Security controls: Comprehensive assessment of security controls.
- Trust and assurance: Provides trust and assurance to customers.
- Compliance framework: Meets regulatory and industry compliance.
- Data protection: Demonstrates commitment to protecting customer data.
- Independent auditing: Conducted by certified third-party auditors.
- Risk management: Evaluates and mitigates security risks.
- Continuous improvement: Promotes ongoing enhancement of security practices.
- Transparent reporting: Detailed reports on control effectiveness.
Additional certifications
In addition to SOC 2, Kisi also maintains ISO 27001 certification, which provides a comprehensive information security management framework. Both certifications are validated by independent third-party auditors through annual compliance audits.
Ongoing compliance
Our SOC 2 certification is maintained through:
- Annual compliance audits by independent third-party auditors
- Continuous monitoring of security controls and processes
- Annual penetration tests and security assessments
- Employee training and security awareness programs
- Incident response and management procedures
Security assessments
As part of our SOC 2 compliance program, Kisi conducts annual penetration tests by certified third-party security firms. These assessments ensure our security controls remain effective and help us continuously improve our security posture.