SignatureAPI is currently undergoing a SOC 2 Type 2 audit and is on track to achieve compliance by Q3 2025.

What is SOC 2 Type 2?

SOC 2 (System and Organization Controls 2) is a framework developed by the AICPA for managing customer data based on five “Trust Services Criteria” (TSC): Security, Availability, Processing Integrity, Confidentiality, and Privacy. A Type 2 report assesses how well these controls are implemented and operated over time. It’s widely used by companies that need to evaluate the reliability and security of third-party service providers, particularly those handling sensitive or regulated data.

Our Scope

Our SOC 2 Type 2 audit covers all five TSCs:
  • Security – Protection against unauthorized access.
  • Availability – System uptime and reliability.
  • Processing Integrity – Accurate and timely system operations.
  • Confidentiality – Protection of sensitive information.
  • Privacy – Handling of personal data in accordance with privacy principles.

Current Status

We are currently in the audit process and expect to complete our Type 2 audit by Q3 2025. In the meantime, we can provide a SOC 2 Readiness Report upon request. This outlines the controls we have in place today and how they map to SOC 2 requirements.

Questions?

For more information or to request the readiness report, please contact us.