Subscribe to Our Newsletter
We are thrilled to announce that GXA has successfully completed the System and Organization Controls (SOC) 2 Type II audit, a globally recognized standard for information security compliance. Developed by the American Institute of CPAs (AICPA), the SOC 2 audit allows a third-party auditor to validate a service company’s internal controls concerning information security.
Our SOC 2 Report was obtained in partnership with the Johanson Group, who rigorously reviewed our internal controls, including policies, procedures, and infrastructure related to data security, firewall configurations, change management, logical access, backup management, business continuity and disaster recovery, security incident response, and other essential areas of our business.
Thanks to a company-wide effort and our collaboration with Johanson Group, we achieved SOC 2 compliance and received an Auditor’s Report. This report is available to demonstrate that our policies, procedures, and infrastructure meet or exceed SOC 2 criteria. Moreover, we have integrated critical infrastructure to monitor compliance with the SOC 2 framework 24/7/365, surpassing the minimum requirements.
At GXA, we believe trust is the cornerstone of our relationship with our clients. The successful completion of our SOC 2 audit is one of the many ways we aim to earn and maintain that trust. SOC 2 is just one element of our expanding security program, and we are committed to continually enhancing our information security measures and retaining an annual SOC 2 audit to ensure we meet our clients’ needs.
What Does This Mean for GXA Customers and Future Clients?
- Enhanced Trust and Assurance: Our SOC 2 Type II compliance provides a high level of assurance that your data is protected and handled with the utmost security and care.
- Rigorous Security Standards: Clients can be confident that our security practices, policies, and procedures are validated by an independent third-party auditor to meet stringent standards.
- Continuous Monitoring and Improvement: We don’t just meet the SOC 2 requirements during the audit window; our critical infrastructure is monitored 24/7/365 to ensure ongoing compliance and security.
- Transparency and Accountability: The Auditor’s Report is available to our clients, showcasing our commitment to transparency and accountability in our operations.
- Proactive Risk Management: Our compliance efforts include robust measures for data security, change management, and disaster recovery, ensuring that your business is protected from potential risks.
- Commitment to Excellence: Achieving and maintaining SOC 2 compliance is part of our broader commitment to continuously improving our information security program and supporting our clients’ evolving needs.