BERKELEY, Calif.--(BUSINESS WIRE)--IPfolio, provider of next-generation Intellectual Property Management solutions, announced today that it has completed and received its SSAE 18 SOC 2 Type I security certification. This independently audited certification verifies that IPfolio has the proper internal controls and processes in place to deliver high-quality, secure IP management services.
CyberGuard Compliance performed the audit and testing of IPfolio’s controls, and the firm validated IPfolio’s process and security controls. In accordance with SSAE 18 (Statements on Standards for Attestation Engagements), the SOC2 Type I audit report includes a description of IPfolio’s internal controls and detailed testing of those controls.
IPfolio is now preparing for its SOC 2 Type II audit which reports on effectiveness of controls within the company. The company will be undergoing the Type II certification in Q4 2018 and expects to be certified by early Q1 2019.
Mark Bullard, COO of IPfolio, remarked: “Security is top of mind for all companies as they face real threats and challenges. We pursued the rigorous SOC 2 Type I audit because it was essential for IPfolio to demonstrate externally verified security controls for the protection of our clients, partners and internal stakeholders. Security, privacy, and performance are fundamental to a successful deployment of any application, so we take them very seriously. We are now aggressively pursuing our Type II certification to further advance our commitment to security.”
IPfolio’s mission is to elevate, educate and empower intellectual property professionals to optimize IP operations. Headquartered in Berkeley, California, IPfolio (www.ipfolio.com) has pioneered truly cloud-based Intellectual Property (IP) Lifecycle Management for the enterprise since 2012. Built on the Salesforce Platform for ultimate scalability, performance, flexibility, and security, IPfolio reduces administrative overhead, allows strategic visibility into the IP portfolio, and fosters collaboration between all stakeholders throughout the IP Management process. IPfolio has a diverse global customer base including over 140 customers in 20 countries, ranging from Silicon Valley’s most innovative startups to the Fortune 50, and including three of the world’s ten most valuable corporations. Follow IPfolio on Twitter @IPfolio, on LinkedIn, or visit the IPfolio blog for commentary on intriguing IP topics of the day.
About SSAE 18 SOC Reports
The SSAE certification was developed by the American Institute of Certified Public Accountants (AICPA). Firms must follow AICPA rules when conducting an audit of a company’s internal controls.
SSAE 18 (often referred to as SSAE 18 or SOC; and previously known as SSAE 16 or SAS 70) contains the rules for conducting an attestation of a service organization’s internal controls and issuing a System and Organization Controls (SOC) report. Service auditors are required to follow these rules when conducting a SSAE 18 engagement.
Two types of SOC reports are SOC 1 and SOC 2:
SOC 1: Report on controls over financial report
SOC 2: Report on controls over the security, availability, confidentiality, processing integrity, and/or privacy.
Two “Types” of SOC2 reports include:
SOC 2 Type I
The SOC 2 Type I report provides an overview of the company and its control environment, references to the company’s policies and procedures, and an opinion on the suitability and design of the controls in place at time of the audit. Type I reports are typically a stepping stone toward a SOC 2 Type II report.
SOC 2 Type II
The SOC 2 Type II report details the effectiveness of a company’s controls. Have the security controls been implemented and are the employees actually following all of the company’s policies and procedures? Type II requires a high level of commitment to security. Per AICPA guidance, SOC 2 reports must cover a period of at least 6 months, meaning that the Type II report cannot be issued until at least 6 months after the Type I.
For more information on SSAE 18 and other security reports, visit www.auditlytics.com and click on the SSAE 18 tab.