SOC 2 Compliance at SignatureAPI
SignatureAPI is currently undergoing a SOC 2 Type 2 audit and is on track to achieve compliance by Q3 2025.
What is SOC 2 Type 2?
SOC 2 (System and Organization Controls 2) is a framework developed by the AICPA for managing customer data based on five “Trust Services Criteria” (TSC): Security, Availability, Processing Integrity, Confidentiality, and Privacy.
A Type 2 report assesses how well these controls are implemented and operated over time. It’s widely used by companies that need to evaluate the reliability and security of third-party service providers, particularly those handling sensitive or regulated data.
Our Scope
Our SOC 2 Type 2 audit covers all five TSCs:
- Security – Protection against unauthorized access.
- Availability – System uptime and reliability.
- Processing Integrity – Accurate and timely system operations.
- Confidentiality – Protection of sensitive information.
- Privacy – Handling of personal data in accordance with privacy principles.
Current Status
We are currently in the audit process and expect to complete our Type 2 audit by Q3 2025.
In the meantime, we can provide a SOC 2 Readiness Report upon request. This outlines the controls we have in place today and how they map to SOC 2 requirements.
Questions?
For more information or to request the readiness report, please contact us.