As defined by the AICPA, SOC (System and Organisation Controls), is a suite of service offerings provided in connection with system-level controls of a service organisation or entity-level controls of other organisations. The SOC2 process is widely recognised for establishing ethical and auditing practices for private companies, nonprofit organisations, and federal, state and local governments, and represents that a service organisation has been through an evaluation of their control activities as they relate to applicable Trust Services Principles and Criteria.
SOC2 Compliance is a requirement for any organisation that stores customer data in the cloud and is especially important for SaaS companies to minimise risk and data exposure. Organisations that have achieved SOC2 Compliance have demonstrated they have a process in place to detect and monitor known and unknown malicious activity while ensuring the safekeeping of customer data.
Melissa has been a leading provider of global identity verification and data quality solutions for over 35 years, offering superior support and security to 10,000 customers worldwide. To reinforce our commitment to data security, privacy, and compliance requirements, Melissa continually undergoes independent security audits and has successfully obtained SOC 2 Type 1 and Type 2 certifications.
SOC 2 Type 1, a report on management’s description of the service organisation’s system and the suitability of the design of the controls.
SOC 2 Type 2, a report on management’s description of the service organisation’s system and the suitability of the design and operating effectiveness of the controls.