Alchemer (formerly SurveyGizmo) – a global leader in Customer Experience (CX) and Voice-of-the-Customer (VoC) technology – announced the successful completion of its Service Organization Control (SOC) 2 Type 2 examination, which demonstrates compliance with the leading industry standards for managing enterprise data. Alchemer requested this voluntary audit to further affirm its long-standing commitment to information and data security and privacy practices, ensuring policies, procedures and operations not only meet, but exceed the industry standards for security, availability, and confidentiality.
Also Read: Aqurus Launches eCommerce Integration ERP Software Resource Center
“Collecting and managing customer data is our core business. Completing the SOC 2 Type 2 examination demonstrates that we are taking the required steps to protect our customers’ data,” said David Roberts, CEO of Alchemer. “Alchemer has long been at the forefront of ensuring data security and privacy, and we will continue to invest heavily in fiercely safeguarding customer data.”
In 2019, Alchemer completed a SOC 2 Type 1 examination. The SOC 2 standard validates that systems are established to manage the security, availability, processing integrity, confidentiality, and privacy of customer data. Alchemer’s data centers are now all SOC 1 (financial systems), SOC 2 (information systems), and SOC 3 (business systems) certified.
The American Institute of CPAs (AICPA)’s Service Organization Control established the Security Operations Center (SOC) standard as a means to assure customer data security in different systems. The SOC 2 standard focuses on information systems, assuring customers that they have been audited for customer data security, availability, processing integrity, confidentiality, and privacy. In addition to the technical audit, there is a requirement for the company to document and follow comprehensive information security policies and procedures.
SOC 2 applies to organizations that store customer data in the cloud, which includes virtually every SaaS (Software as a Service) company, such as Alchemer. SOC 2 Type 1 assesses the design of security processes at a specific point in time, while a SOC 2 Type 2 report assesses the effectiveness of those controls over time by observing operations for six months.