DocuWare, provider of cloud solutions for document management and workflow automation has successfully undergone an audit process and earned its System and Organisation Controls (SOC) 2 Type 2 Certification.
The audit was conducted by CohnReznick in accordance with the requirements of the American Institute of Certified Public Accountants. SOC 2 Type 2 is considered the gold standard for data security and provides companies with assurance that, as a leading cloud service provider, DocuWare complies with industry security standards.
The audit to verify DocuWare’s eligibility to upgrade from SOC 2 Type 1 to SOC 2 Type 2 took place from 1 October 2020 to 31 March 2021 and the certification is valid through to the next audit. The auditing process included an in-depth review of company policies and procedures for data handling, tests of the organisation’s security controls, employee interviews, a walkthrough of the office and a guided overview of the data centre spaces. The audit ensures that service providers securely manage data to protect the interests of the organisation and the privacy of clients. For security-conscious businesses such as DocuWare, SOC 2 Type 2 compliance is a necessary requirement internally and externally.
“The SOC 2 Type 2 certification is recognised globally,” said Dr. Michael Berger, DocuWare President. “As a global SaaS technology provider, DocuWare maintains the highest security and compliance standards and we plan to partner with service providers who meet similar certification levels. This gives us and our partners the highest level of security and strengthens our customers trust in us.”
With the SOC 2 Type 2 Certification, technology providers who do or are planning to do business with DocuWare, know that its service commitments and system requirements were achieved based on the trust services criteria relevant to security and availability (applicable trust services criteria) set forth in TSP section 100, 2017 Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy (AICPA, Trust Services Criteria).
