Atomic is now SOC 2 compliant

Security has always been important at Atomic Invest, which is why we are proud to announce that the American Institute of Certified Public Accountants (AICPA) has awarded us with our SOC 2 attestation. This is an important recognition of our organizational commitment to security, confidentiality, and privacy.

SOC Overview

“SOC” stands for “System and Organizational Controls.” It is a specific type of audit performed by the AICPA, and there are different variations.

SOC 1 is focused on internal controls related to financial reporting. This type of attestation is most important for organizations involved with transaction or revenue reporting. Good examples are companies who specialize in claims processing or billing. SOC 1 is not particularly relevant for Atomic.

SOC 2 is focused on security, availability, and the processing integrity of the systems used to process user data, as well as the confidentiality and privacy of the information processed by these systems. This is important for companies who store information in the cloud, especially if it is sensitive financial or private information.

The SOC 2 process is important because it is conducted by a third party and is based on purely objective criteria. Most organizations claim to protect user information, but this can be difficult for outsiders to verify. AICPA serves an important public need through their SOC audits, and we are grateful for the work they are doing to improve security transparency.

Final thoughts

Any business that wants to signal a commitment to security and privacy should consider pursuing SOC 2. It is a rigorous process – rightfully so – but success is a strong indicator of the soundness of a company’s systems, people, and processes. 

If you would like more information on our SOC 2 report, or if you have any general questions, don't hesitate to contact us at partnerships@atomicvest.com.