The Service and Organization Control (SOC) reporting framework from the AICPA providers reporting frameworks for service organizations to provide assurance that controls related to providing the service are performed in accordance with standard requirements. A SOC 2 report is a report on controls at a service organization relevant to the Trust Services Criteria which can include Security, Availability, Processing Integrity, Confidentiality, or Privacy. Obtaining a SOC 2 report requires undergoing an assessment from an independent Certified Public Accounting (CPA) firm. To read more about SOC 2: click here.
Virtru undergoes SOC 2 Type II assessments on an annual basis performed by Schellman & Company, LLC. A Type 2 assessment covers a period of time, reporting on the suitability of design and operating effectiveness of controls. Virtru's SOC 2 reports cover the Trust Service Principles of Security, Availability, and Confidentiality.
Virtru customers looking for the lasted SOC 2 Type II report to assist with their audits and due diligence can request the report from their account manager or by submitting a request to the Support Center.