Solvinity completes SOC 1 and SOC 2 audit successfully again in the private cloud and Azure cloud
Once again, for the fourth consecutive year, Solvinity has received new SOC 1 (ISAE 3402) and SOC 2 reports with an “unqualified opinion” from KPMG for the Solvinity private cloud and the Azure public cloud. This means that the design, implementation, and operation of required measures in the areas of security, availability, and confidentiality have been positively tested. This confirms that we can meet our service commitments and system requirements, and the entire management environment complies with strict international standards for IT service providers.
In 2020, Solvinity became the first Dutch IT service provider with a SOC 2 report for the Azure management environment. This is particularly relevant for financial institutions with hybrid cloud platforms that must comply with stringent compliance requirements and want to mitigate outsourcing risks.
Martin Maas, CISO at Solvinity: “Organizations for whom compliance is essential, such as banks, insurance companies and the government, must be able to provide evidence of assurance from their IT service provider. Thanks to these standards and the audits, they can show that their data is in reliable hands, and they continue to be supported in enhancing their resilience – in both private and hybrid cloud environments.”
Topics covered in the audit
The SOC 2 Type II audit examines and reports on the internal measures related to the security, availability, and confidentiality of a system. The reports cover the Solvinity management infrastructure and the common tools and processes the company uses to manage services to customers in the private cloud and the public cloud (Microsoft Azure).
While much of this is technical – for example, how we configure backups or perform emergency patches – it also covers non-technical areas, such as the execution of vendor risk management, the recruitment processes within HR, or the conduct of an annual independent financial audit covering fraud risk.
Achieving these reports does not mean that we now sit back and relax. SOC compliance is an ongoing process that requires continuous attention and is constantly updated based on market demands and changing laws and regulations.
Sign up for the Solvinity Newsletter
Receive the latest news, blogs, articles and events.
Subscribe to our newsletter.
Other articles
More
The complexity of IT Regulations for municipalities
In addition to the daily challenge of managing a secure and efficient IT environment, municipalities face...
READ MORE
Security controls in hybrid cloud environments
A holistic approach to security controls, which considers all aspects of the IT environment, is crucial...
READ MORE
The state of cybersecurity in the financial sector in the Netherlands
Threats are becoming more sophisticated, regulations are tightening, and the pressure on IT professionals is increasing.
