SSAE 18 Compliance
A mandatory industry regulation, SSAE 18 not only evaluates the design of a company’s internal control system, but also examines the efficacy of the internal control system. Replicon is fully compliant with SSAE 18 (SOC 1, SOC 2, and SOC 3), the standard industry certification for service providers in the United States. We participate in bi-annual SSAE 18 audits for SOC1 Type II, and annual audits for SOC2 Type II and SOC3 Type II to make sure that Replicon has the adequate controls and processes in house to honor our service commitment, while ensuring data protection.
Frequently Asked Questions
Who performs the independent third-party audit for the SOC reports?
A-LIGN Assurance performs the SOC 1, SOC 2, and SOC 3 audits.
Is a non-disclosure agreement (NDA) required to receive the Replicon SOC reports?
Yes, a fully executed MND is required. (I.E. both party signatures are filled out and signed)