Cronofy successfully renews SOC 2 Type II attestation

Last year in 2020, Cronofy achieved both SOC 2 Type II attestation and ISO27001 compliance. We're pleased to announce that, after a year of continually improving our security posture and products, we've successfully renewed our SOC 2 Type II attestation for another twelve months - achieved with zero non-conformities or advisories.

What is SOC 2 Type II?

SOC 2 (System and Organization Controls) examinations were designed by the American Institute of Certified Public Accountants (AICPA). They were created to assist organizations of any size, regardless of industry and scope, with ensuring the personal assets of their potential and existing customers are protected.Cronofy was tested by an independent auditor, A-LIGN, against the defined principles and criteria published by the AICPA. Throughout the audit, we demonstrated a comprehensive and thorough approach to mitigating information security risks and the secure management of data.

What this means for Cronofy customers

In the past twelve months, we have launched a new product, expanded into more regions, added even more features and continued to grow the team. Alongside doing all of this, Cronofy has consistently met the rigorous standards set out by the AICPA, culminating in us renewing SOC 2 with flying colors.Cronofy continues to lead the market in security and compliance, constantly reviewing and improving our security positioning. This means that our customers can be safe in the knowledge that their data, and the security of their data, is paramount in everything we do.

What’s next?

As part of running an effective information security program, Cronofy is committed to continual improvement, and whilst SOC2 Type II is a great achievement, we won’t rest on our laurels. We now go into our ISO27001 surveillance audits and are including ISO27018 in that.If you have any further questions, please do not hesitate to reach out to us at privacy@cronofy.com.