On behalf of Pliancy, I’m excited to announce that we completed our SOC 2 examination earlier this spring. This accomplishment underscores our dedication to meeting and exceeding rigorous security standards that keep your information and data safe. The report is now available to clients through our Trust Center.
What is SOC 2?
SOC stands for “Service and Organization Control,” an audit service regulated by the American Institute of Certified Public Accountants (AICPA) and the Chartered Institute of Management Accountants (CIMA).
A SOC 2 examination evaluates and reports on the suitability of the design and operating effectiveness of controls in 5 Trust Service Categories, established by the Assurance Services Executive Committee (ASEC):
– Security
– Availability
– Processing Integrity
– Confidentiality
– Privacy
Why SOC 2 Matters—for You
Independently Verified
As a partner, client, or a prospective client of Pliancy, our SOC 2 report means you don’t have to just take our word for it; Pliancy’s systems and processes have been thoroughly audited by an objective, certified third-party CPA firm, so you can have even greater confidence in the security of your information.
Accelerated Vendor Due Diligence
Pliancy’s control environment is built to follow SOC 2 and ISO 27001:2022 frameworks, which simplifies the process of completing due diligence questionnaires (DDQs) and other risk assessments. Moving quickly through vendor evaluation means we can start your onboarding process and ongoing support as soon as possible—so you can focus on your core business, not IT.
Continuous Vigilance
After completing our SOC 2 audit for the first time, our policies won’t be left to gather dust. Compliance must be renewed annually, so our systems will be regularly reviewed and updated in response to developing technologies, security risks, and other trends. Our compliance helps you reduce your risk, no matter what the future brings.
How SOC 2 Reflects Pliancy’s Culture
Leading Pliancy’s SOC 2 initiative, I had a front-row seat to the hard work and dedication it took to make compliance a reality. It required collaboration and coordination from the entire organization, at each level of seniority and across every function.
Our VPs took ownership and paved the way forward. Managers made sure SOC 2 was given bandwidth alongside other projects. Individual contributors made implementation and evidence collection possible. I had the pleasure of partnering not only with technical colleagues in engineering and professional services, but with business operations, people operations, finance, and other supportive roles to reach control readiness.
This all-hands-on-deck mentality is nothing new for Pliancy. When you ask your consultant to solve a problem, you’re not getting help from just one person. You’re leveraging the knowledge and experience of dozens of technical staff, plus the critical reasoning and outside-the-box thinking of our entire organization. We inspire one another to devise innovative approaches, creative solutions, and unexpected fixes every day.
In the same way, our cross-functional collaboration for SOC 2 compliance means controls are embedded throughout Pliancy. It’s not just the responsibility of the security and compliance team. At Pliancy, in ways big and small, we’re all working proactively to protect you and your information.
Clients can directly request access to Pliancy’s SOC 2 report through our Trust Center. For more information and questions regarding SOC 2 and our control environment, please contact your primary Pliancy consultant.