Simfoni, a global innovator in Spend Analytics and Spend Management, proudly announces today it has completed its Service Organization Control (SOC) 2 Type 1 examination. The audit was conducted by Assure Professional, a leading cybersecurity, assurance, and compliance solutions provider, revealed no exceptions – which means that all of Simfoni’s information security practices, policies, and operational procedures meet or exceed security standards.
San Francisco, CA, February 10, 2021 –(PR.com)– Data security, compliance and protection are increasingly relevant for all businesses and this SOC 2 audit validates Simfoni as a trusted partner for its growing list of global enterprise customers for whom data security, compliance and protection.
“Simfoni’s AI-technology processes millions of transaction line items every month, making data security critical to the company’s mission. With billions of customers spend being analyzed in our cloud we invest and will continue to invest heavily in security,” said Jason Stern, CEO Simfoni Analytics. “We were thrilled to receive this approval report which proves we can deliver the best service and support to even our largest and most complex customers. We are grateful to VISA who have demonstrated a real spirit of partnership in helping us achieve this.”
The recent achievement adds to an already-robust and multi-faceted set of data security best practices at Simfoni. In fact, the company maintains a strong security culture based on a perpetual focus on cybersecurity and the engagement of validation authentication models and annual Penetration Tests. Accordingly, Simfoni is fully compliant with GDPR regulations and HIPPA laws. To learn more about Simfoni security and compliance visit www.Simfoni.com/trust.
Developed by the American Institute of CPAs (AICPA), SOC 2 is a technical audit meant to evaluate an enterprise’s information systems and the effectiveness of its internal controls in ensuring the security, availability, processing integrity, confidentiality, and privacy of a customer or client’s data. To be deemed compliant, software as a service (SaaS) providers must implement and follow strict information security policies and procedures, which are then validated by a third party.
“We’re relied on by some of the world’s biggest brands, and our platform contains their confidential data. They trust us to protect their information, for example customer data contains information such as purchased price, vendor details and competitiveness benchmarking,” said Sreeram Venkitakrishnan, Simfoni Head of Products. “By meeting the SOC 2 compliance requirements, Simfoni customers and their suppliers can be confident in our ability to provide them with a secure platform.”
SOC 2 Type I compliance is determined by tests and reports conducted by an independent auditor, on the structure and operational soundness of a service organization’s controls, over a period of six months to a year. The review is specific to IT and data center service providers. The audit accounts for the system of the data center, and the suitability of its design of controls, as reported by the company. The audit also includes verification of an auditor’s opinion on the operating effectiveness of the controls.
Simfoni successfully performed the SOC 2 Type I audit against security and availability, proving they are taking appropriate measures to assure its systems are protected against unauthorized access. The comprehensive report examines multiple controls over the security and availability of its hosting services.
To download the report and learn more about Simfoni Data Security and Privacy visit www.simfoni.com/trust.
About Simfoni: Simfoni provides spend analytics and spend automation products to leading global enterprises. Products employ machine learning and artificial intelligence to accelerate and automate key aspects of the procurement process, providing rapid time to value, saving customers both time and money in the process. Based in the USA, Europe and Middle East, Simfoni works “in harmony” with its customers and their vendor community.