SOC 2 (System & Organization Controls) is a compliance framework used to evaluate and validate an organization’s information security practices, particularly in the SaaS industry.

SOC 2 was created by AICPA (American Institute of Certified Public Accountants) as a way to help organization’s verify their security, processing integrity, confidentiality and privacy; thus reducing the risk of a security breach.

3rd-party auditors annually assess Finsweet’s information security against five categories, known as the five Trust Services Criteria (TSC).

If you want to view Finsweet’s SOC 2 Type II report, please submit a request.