Announcing our SOC 2 Type 2 Compliance

December 11, 2023

Today, we’re excited to announce that Coris is SOC 2 Type II compliant. We partnered with Advantage Partners, an independent auditor, who has verified that our technology and processes adhere to the highest standards of security and privacy.

What is SOC 2? 

SOC 2, or Systems and Organization Controls 2, is a compliance standard developed by the American Institute of CPAs (AICPA) outlining how organizations like Coris should manage customer data. The SOC 2 security framework is based on five trust service principles for customer data management: security, availability, processing integrity, confidentiality, and privacy. 

During the SOC 2 certification process, an independent auditor such as Advantage Partners evaluates a company’s security posture as it relates to one or all of the above trust service principles. The audit includes scoping, gap analysis, control testing, and more. ‍For Type II certification, auditors assess how effective the designed security controls are over time by observing operations for a period of time.

In addition to Advantage Partners, we partnered with Vanta to automate parts of the SOC 2 certification process.

What’s the difference between Type I and Type II compliance?

Coris achieved SOC 2 Type I compliance over the summer. Type I compliance ensures our partners that Coris’s systems and controls are designed effectively to meet the applicable trust service criteria at a specific point in time. 

SOC 2 Type II compliance goes a step further. It not only examines the design of controls but also evaluates their effectiveness over a sustained period of time. It provides a more comprehensive assessment of how well the controls are operating and whether they are achieving the intended outcomes. Because type II compliance is more rigorous, many companies use this as a criteria when evaluating a vendor’s security posture.

Why is SOC 2 compliance important?

Our customers operate in heavily regulated industries like financial services, where data security and privacy are of the utmost importance. Consequently, they need to make sure their partners also handle data with a high degree of sensitivity and privacy. SOC 2 Type II compliance assures our customers that we prioritize data security and have strong internal controls to mitigate any risk of data breach.

What’s next?

Coris will continue to invest in best-in-class security and privacy practices to ensure customers’ merchant data is sufficiently protected on our platform. 

If you’d like to learn more or receive a copy of Coris’s SOC 2 report, please contact us.

Wrapping Up

We hope this guide is helpful for getting started with the OS1 and Google Cartographer. We’re looking forward to seeing everything that you build. If you have more questions please visit forum.ouster.at or check out our online resources.

This was originally posted on Wil Selby’s blog: https://www.wilselby.com/2019/06/ouster-os-1-lidar-and-google-cartographer-integration/

Related Resources

How does GPT-4-powered merchant industry classification compare to a risk analyst?
Introducing Account Graph
Introducing Adverse Media Insights
How do Stripe Connect Custom customers manage SMB risk?
Recap: Perspectives on Scaling Embedded Payments
Introducing our Adyen Integration
Introducing MerchantVision, powered by GPT-4 with vision
Mindbody reduces manual SMB onboarding by 80% in 45+ countries
Announcing our fundraising, new SMB fraud model & KYB
New year, same risks?
Reducing fraud through MerchantProfiler
Recap: Risk management as a growth lever in a downturn
Introducing Account Tags
Our feature in the "Leaders in Payments" podcast
Recap: How to successfully manage embedded payments
Announcing our SOC 2 Type 2 Compliance
How to build a risk program for your payments product
Introducing IndustryMark
Introducing Fuzio, the first Merchant Risk Operating System
How to choose a payments model for your software platform
Introducing Case Management
Announcing our integration with Stripe Connect
Announcing our expansion to 42 additional countries
Announcing Coris’s SOC 2 Type I Compliance
Going global: Expanding to the U.K., Canada, and Australia
Automating Merchant Underwriting with Coris’s SiteRating
Coris AI launches Merchant Real Industry using GPT-4
Risk 101: Everything You Need to Know
The 5 Levels of Automating Small Business Underwriting
Automation of Merchant Risk Monitoring is Essential
Strong Infrastructure is the Key to Scaling SMB Underwriting
Why Monitoring Merchant Risk Needs to be Elevated
Explore
IntegrationsDevelopersAbout UsResources
legal
Privacy PolicyTerms & Conditions
connect
LinkedInTwitter
©2024 Coris, Inc. All Rights Reserved

Announcing our SOC 2 Type 2 Compliance

October 27, 2023

Today, we’re excited to announce that Coris is SOC 2 Type II compliant. We partnered with Advantage Partners, an independent auditor, who has verified that our technology and processes adhere to the highest standards of security and privacy.

What is SOC 2? 

SOC 2, or Systems and Organization Controls 2, is a compliance standard developed by the American Institute of CPAs (AICPA) outlining how organizations like Coris should manage customer data. The SOC 2 security framework is based on five trust service principles for customer data management: security, availability, processing integrity, confidentiality, and privacy. 

During the SOC 2 certification process, an independent auditor such as Advantage Partners evaluates a company’s security posture as it relates to one or all of the above trust service principles. The audit includes scoping, gap analysis, control testing, and more. ‍For Type II certification, auditors assess how effective the designed security controls are over time by observing operations for a period of time.

In addition to Advantage Partners, we partnered with Vanta to automate parts of the SOC 2 certification process.

What’s the difference between Type I and Type II compliance?

Coris achieved SOC 2 Type I compliance over the summer. Type I compliance ensures our partners that Coris’s systems and controls are designed effectively to meet the applicable trust service criteria at a specific point in time. 

SOC 2 Type II compliance goes a step further. It not only examines the design of controls but also evaluates their effectiveness over a sustained period of time. It provides a more comprehensive assessment of how well the controls are operating and whether they are achieving the intended outcomes. Because type II compliance is more rigorous, many companies use this as a criteria when evaluating a vendor’s security posture.

Why is SOC 2 compliance important?

Our customers operate in heavily regulated industries like financial services, where data security and privacy are of the utmost importance. Consequently, they need to make sure their partners also handle data with a high degree of sensitivity and privacy. SOC 2 Type II compliance assures our customers that we prioritize data security and have strong internal controls to mitigate any risk of data breach.

What’s next?

Coris will continue to invest in best-in-class security and privacy practices to ensure customers’ merchant data is sufficiently protected on our platform. 

If you’d like to learn more or receive a copy of Coris’s SOC 2 report, please contact us.

Explore
IntegrationsDevelopersAbout UsResources
legal
Privacy PolicyTerms & Conditions
connect
LinkedInTwitter
©2024 Coris, Inc. All Rights Reserved