We’re excited to announce that Brightspot has successfully renewed our SOC 2 Type II certification for our Managed Services, which includes our Brightspot CMS as well as our cloud management tool, Gyro.
“This directly validates our focus on the privacy, security, and reliability of our platform - and, by extension, that of our clients’ applications and experiences,” said David Habib, CIO at Brightspot. “There’s nothing we take more seriously than our clients’ information.”
SOC 2, or “Service Organization Control version 2,” is an independent audit framework for assessing a service provider’s controls (policies and procedures) relative to a set of established criteria. The “Type II” designation indicates that the auditor has not only reviewed and approved the controls, but also confirmed that the organization followed them consistently.
The audit and reporting for SOC 2 Type II, which was completed by independent CPA firm Dixon Hughes Goodman, LLP, covered the review period from January 1, 2019 - November 30, 2019. The audit confirmed that our Managed Services meet the Trust Service Principles established by the American Institute of Certified Public Accountants (AICPA) with regard to suitability of design and operating effectiveness of controls for security, privacy and availability.
With questions regarding security, privacy and Brightspot, please contact our Governance, Risk and Compliance team at firstname.lastname@example.org.