SOC 2 Type 2 Certification: What it Is and Why it Matters

Robocorp completed our SOC 2 Type II audit for August 1, 2021, to July 31, 2022, which certifies data handling and security practices.

October 4, 2022

Robocorp, the leading provider of open-source robotic process automation (RPA), has successfully completed a Service Organization Control (SOC) 2 Type II audit from August 1, 2021, to July 31, 2022. An independent accounting and auditing firm has reviewed and examined the company's data handling and security practices, confirming that Robocorp meets the highest standards for protecting its customers' confidential information.

What are SOC 2 Type II reports?

SOC 2 Type II reports are the most comprehensive certifications in the Systems and Organization Controls protocol. They are helpful when considering a service provider's credentials. They apply to cloud service providers, SaaS providers, and other organizations that store client information in the cloud. The report proves a client's data is protected and kept private.

What’s involved in a SOC 2 Type II audit?

A trusted third-party auditor is responsible for providing an opinion on a company's controls. To do this, they follow these general steps:

  • Understand the system and service commitment requirements of the service organization.
  • Assure the service organization's description is presented following specified criteria and controls are suitably designed and operate effectively.
  • Perform procedures to obtain evidence about whether controls stated in the description are suitably designed to provide reasonable assurance that the company achieved its service commitments and system requirements based on the applicable trust services criteria.
  • Test the operating effectiveness of controls stated in the description to ensure the company achieved its service commitments and system requirements based on the applicable trust services criteria.
  • Evaluate the overall presentation of the service organization’s description

Why it's important, and why it matters?

This review ensures that an organization meets the strict requirements of the Association of International Certified Professional Accountants (AICPA). When an organization needs to trust an application with highly sensitive and confidential information, like passwords, documents, and secure images, it is important to have this high-level certification.

How does it impact applications?

Applications and software developed by a SOC 2 Type II certified organization must follow processes and controls that have been audited. This helps ensure that the applications and code are created, reviewed, tested, and released following the AICPA Trust Services Principles. 

How does it impact users?

When you work with a company that is SOC 2 Type II certified, like Robocorp, you can be sure that your data will be kept safe. We pride ourselves on delivering world-class security and privacy to our customers by following the industry's best security and data protection practices. Click here to learn more about Robocorp security. 

About Robocorp

Robocorp empowers businesses and teams to work smarter by shattering previous RPA and intelligent automation boundaries. The company makes it easy, affordable, and fast to build software robots and automate manual tasks with first-class, open-source process automation tools. It also provides a robust, secure orchestration and execution platform to allow customers to run both cloud-based and self-managed robotic automations with consumption-based pricing. 

Robocorp is backed by Benchmark, Canvas Ventures, Slow Ventures, FirstMinute Capital, Harpoon Ventures, Uncorrelated Ventures, Artisanal Ventures, Haystack, and angels. Robocorp is headquartered in San Francisco, with our primary offices being online. Learn more at https://robocorp.com/

Share this article