IGX Solutions Is SOC 2 Compliant

In keeping with our commitment to exemplary customer care at every phase of a project, IGX Solutions has undergone a SOC 2 report to demonstrate our compliance with this standard. We are proud to announce that we have obtained this status and are exceptionally equipped to keep your organization’s data secure. 

Our SOC 2 audit was conducted by A-LIGN, an internationally known cybersecurity company boasting partnerships with over 2,500 global enterprises with extensive risk-management needs. Our voluntary participation in this audit affirms our commitment to safeguarding client data and strict compliance with cybersecurity standards.

What Is a SOC 2 Report?

Developed by the American Institute of Certified Public Accountants (AICPA), the System and Organization Controls (SOC) framework allows an independent auditor to assess how well a company handles risk related to data exposure. The SOC framework can be applied at three levels, with SOC 2 being the international standard for cybersecurity. 

A SOC 2 report is an assessment of how a company handles sensitive information across key areas identified by AICPA. Operations of any size can undergo this examination, with a successful audit demonstrating the trustworthiness of the requester. 

Unlike some other tests, a SOC 2 audit does not focus exclusively on the technical aspects of data security and accessibility. Rather, it takes a more comprehensive view by reviewing how a company selects, integrates and uses control systems to protect information. Instead of just providing a checklist of the security factors present, it observes them in action and reports on how they perform.

What Does It Mean to Be SOC 2 Compliant?

The AICPA framework involves evaluating a company according to five Trust Services Criteria (TSC):

  • Security (required)
  • Availability (optional)
  • Processing integrity (optional)
  • Confidentiality (optional)
  • Privacy (optional)

Having adequate security is the most vital component of becoming SOC 2 compliant, but submitting to evaluation in other areas of the TSC demonstrates commitment to the spirit of the audit. The security component on its own represents an extreme dedication to data safety, as the company must have controls for the following in place:

  • Information security
  • Vendor management
  • Access control
  • Business continuity
  • Disaster relief
  • System backup

After stringent examination of the above and a report of satisfactory findings, the organization under audit receives a SOC 2 letter of attestation good for one year. When a company maintains SOC 2 compliance, you know they are fully committed to data security at every level of their operation — and willing to undergo repeated, rigorous auditing to prove it to you. 

Trust Our Team for Safe, Streamlined Solutions

IGX Solutions provides intuitive, reliable software to support specialized needs. Along with our IntelliGrants® IGX grant management solution, we offer unique programs designed for crime victim compensation agencies and vendors in the Randolph-Sheppard Vending Facility Program to serve the singular requirements and operational protocols of these clients.

Our team understands that security is paramount for those handling grant money, navigating accessibility compliance or processing sensitive information related to the criminal justice system. Our commitment to SOC 2 compliance is just one of the ways we demonstrate that understanding. To learn more about our software solutions and what we do to protect your information, request a demonstration or connect with our team online. 

Sign up to Our Newsletter to Receive the Latest Updates on Our Products.