Today, we’re excited to announce that Noodle.ai has officially renewed our SOC 2 Type II annual certification and continues to be compliant with the SOC 2 Type II standard for security, availability, and confidentiality.

Our SOC 2 Type II report outlines the extensive security and availability controls that Noodle.ai has implemented and continually operates in order to meet both internal and customer expectations for security controls.

We take Information Security very seriously at Noodle.ai. As a trusted Supply Chain Enterprise AI® software product company, we continuously aim to not just meet but also exceed industry standards and customer expectations for security controls.

 

Noodle.ai’s SOC 2 Type II report

SOC 2 is an auditing measure developed by the American Institute of CPAs (AICPA) that ensures service providers securely manage user data. A little over a year ago we shared our first SOC 2 Type II report, which describes the systems we use to process data and the suitability of our internal controls.

Now, we’re continuing our commitment to security with recertification of our SOC 2 Type II report, an internal controls report capturing how our company safeguards customer data worldwide and how well those controls are operating.

An independent auditor conducted an audit of our servers, systems, and processes verifying that our information security practices, policies, procedures, and operations meet the rigorous SOC 2 standards. Additionally, this audit confirmed that our platform is protected against unauthorized physical and logical access.

 

The components of SOC 2 compliance

Companies that use cloud service providers turn to SOC 2 to assess and provide information regarding the risks associated with third-party technology services. While the Type 1 report describes a service provider’s systems and whether the system is suitably designed to meet relevant trust principles, the Type 2 report details the operational effectiveness of those systems. This includes a historical element that shows how controls were managed by a business over a period of time. It also looks at how effectively our internal controls and processes operate over a longer period.

A sample of some controls covered in our SOC 2 Type II include:

  • Logical Access Controls
  • Application Development Controls
  • System Monitoring Controls
  • Data Security Controls