After obtaining our initial certification in the spring, we’re pleased to announce that Correlated is now SOC 2 Type 2 compliant as determined by an audit completed by an accredited auditing firm. We are excited to continue to serve our customers and partners following this successful audit!
What is SOC 2?
SOC 2 was developed by the American Institute of CPAs (AICPA) and it defines criteria for managing customer data based on five “trust service principles”—security, availability, processing integrity, confidentiality and privacy. It is the gold standard for determining security compliance for SaaS applications that handle customer data.
Why did Correlated undergo SOC 2 Type 2 compliance?
Correlated helps sales teams identify which of their customers are ready to convert from free to paid or expand revenue. Since a core part of our value proposition is processing our customers’ customer data, we make sure that we are adhering to the highest standards of security and privacy in our products, services and internal policies.
What are the requirements for SOC 2 compliance?
To pass SOC 2 Type 2 certification, we had to put into place security policies and practices that all Correlated employees follow. We also had to demonstrate that our internal systems and infrastructure was properly secured and monitored against internal and external threats. We make sure that all employees receive security training and new employees undergo background checks. We also had to make sure that these policies and controls were in place consistently for six months.
We were audited by an independent auditor that submitted a report detailing their review of our security policies and practices and continuously monitored Correlated for six months to make sure we were maintaining those policies and practices. If you’d like a copy of the auditor’s report, please let us know.
What does Correlated’s SOC 2 Type 2 compliance certification mean for you?
By undergoing SOC 2 Type 2 compliance, any customer or partner that works with Correlated can be confident that we are taking security and privacy very seriously. We follow the same general policies, guidelines and best practices that large companies like Snowflake or Salesforce have put in place.
Where are we going from here?
While SOC 2 Type 2 is the “gold standard” for SaaS security controls, we may seek additional security and compliance certifications over time including ISO 27001. We also intend to annually renew our certification by independent audit so you can be confident that we hold security and privacy as a top priority.
Correlated helps sales teams at leading SaaS companies identify customers that are ready to convert or expand revenue. For more information, schedule a demo!