Everstream is SOC 1, Type 2, certified and SOC 2, Type 2, certified.
SOC, which stands for “system and organization controls,” is a system of service organization controls — a series of standards designed to help measure how well a given service organization conducts and regulates its information. The purpose of SOC standards is to provide confidence and peace of mind for organizations when they engage third-party vendors. A SOC-certified organization has been audited by an independent certified public accountant, who determined the firm has the appropriate SOC safeguards and procedures in place.
SOC 1, Type 2, Certification
SOC 1® reports on a service organization’s controls related to its clients’ financial reporting.
These reports — prepared in accordance with AT-C section 320, Reporting on an Examination of Controls at a Service Organization Relevant to User Entities’ Internal Control Over Financial Reporting — are specifically intended to meet the needs of entities that use service organizations (user entities) and the CPAs that audit the user entities’ financial statements (user auditors), in evaluating the effect of the controls at the service organization on the user entities’ financial statements.
SOC 1, Type 2, is a report on the fairness of the presentation of the Everstream Executive Team’s description of the company’s system and the suitability of the design and operating effectiveness of the controls to achieve the related control objectives included in the description throughout a specified period. Use of these reports is restricted to the management of the service organization, user entities, and user auditors.
SOC 2, Type 2, Certification
SOC 2® reports on a service organization’s controls related to security, availability, processing integrity, confidentiality or privacy. The SOC 2 protocol is designed for more advanced IT service providers, including data centers, cloud computing vendors, managed IT service providers (MSPs) and SaaS (software-as-a-service) companies.
These reports are intended to meet the needs of a broad range of users that need detailed information and assurance about the controls at a service organization relevant to security, availability, and processing integrity of the systems the service organization uses to process users’ data and the confidentiality and privacy of the information processed by these systems.
These reports can play an important role in oversight of the organization; vendor management programs; internal corporate governance and risk management processes; and regulatory oversight.
SOC 2, Type 2, is a report on the Everstream Executive Team’s description of the company’s system, the suitability of the design and operating effectiveness of controls. Use of these reports are restricted.
If you are an Everstream customer and require verification of our SOC certifications, please download Everstream’s SOC 1, Type 2, report here or Everstream’s SOC 2, Type 2, report here.