Cranium is Now SOC 2 Type 2 Compliant
While there’s nothing standard about our services, we strive for the best in industry standards – that’s never been more true as we announce that we’re now SOC 2 compliant.
What is SOC 2 Compliance?
For over a decade, the American Institute of Certified Public Accountants (AICPA) has implemented SOC 2 (System and Organization Control Type 2) as a more tech-focused auditing tool resting on five pillars:
- Security: Protecting system resources from unauthorized access.
- Availability: Systems and services can operate per their commitments.
- Processing Integrity: System processing is valid, complete, accurate, and authorized.
- Confidentiality: Protection of information from unauthorized individuals.
- Privacy: All personal data collection accords with the privacy notice.
Over three months last year, the assessment found that Cranium satisfied all the requisite criteria.
Who Conducted the Audit?
Aprio, a top business advisory and accounting firm ranked by Accounting Today in 2023 as one of the Best Firms for Technology nationwide, conducted our SOC 2 audit. Cranium has a positive SOC 2 Type 2 attestation report per the AICPA’s Trust Services Criteria for Security.
Cranium: A Mind for What’s Next
SOC 2 Type 2 compliance is a landmark designation but only the starting line. We will continually commit ourselves to the loftiest security standards, practices, and operations, ensuring we’re as compliant as the AI and ML systems we help secure.