Today, we’re excited to announce that Coris is SOC 2 Type I compliant. We partnered with Advantage Partners, an independent auditor, who has verified that our technology and processes adhere to the highest standards of security and privacy.

‍

What is SOC 2? 

SOC 2, or Systems and Organization Controls 2, is a compliance standard developed by the American Institute of CPAs (AICPA) outlining how organizations like Coris should manage customer data. The SOC 2 security framework is based on five trust service principles for customer data management: security, availability, processing integrity, confidentiality, and privacy. 

During the SOC 2 certification process, an independent auditor such as Advantage Partners evaluates a company’s security posture as it relates to one or all of the above trust service principles. The audit includes scoping, gap analysis, control testing, and more. For Type I certification, auditors specifically assess whether security controls are designed appropriately at a specific point in time.

In addition to Advantage Partners, we partnered with Vanta to automate parts of the SOC 2 certification process.

‍

Why is SOC2 compliance important?

Our customers operate in heavily regulated industries like financial services, where data security and privacy is of the utmost importance. Consequently, they need to make sure their partners also handle data with a high degree of sensitivity and privacy. SOC 2 certification assures our customers that we prioritize data security and have strong internal controls to mitigate any risk of data breach.

‍

What’s next?

SOC 2 Type I certification is just the beginning. We’ll continue to make significant investments in our security and privacy infrastructure, and ensure that merchant data on Coris’s platform is sufficiently protected. We plan on becoming SOC2 Type II compliant in the next few months.

If you’d like to learn more or receive a copy of Coris’s SOC 2 report, please contact us.