nCircle, the leader in information risk and security performance management, today announced the successful completion of a Service Organization Controls (SOC) 2 (also known as SOC 2 Type II) audit. The resulting report evaluates the security, availability and confidentiality of nCircle’s cloud products, including nCircle Benchmark and nCircle PureCloud™. nCircle is among the first cloud security service vendors to undergo a SOC 2 audit.

Following the phase out of SAS 70, customers and stakeholders with valuable data now look to SOC 2 reports to evaluate and assess the risks associated with an outsourced service. To pass a SOC 2 audit, an independent auditor must first test system design and operational procedures. The independent auditor validates that controls and processes operate effectively to safeguard customers’ confidential information.

“Meeting stringent SOC 2 audit criteria is part of our ongoing commitment to guaranteeing security, availability, integrity and confidentiality of information to every nCircle customer,” said Andrew Storms, director of security operations for nCircle. “Security has been integral to the DNA of every nCircle product for over ten years. We wanted to go above and beyond regulatory requirements, and that’s why we decided to undertake the rigorous scrutiny of a SOC 2 audit.”

The SOC 2 principles and related controls have been developed by the American Institute of CPAs (AICPA) for use by practitioners in the performance of trust services engagements. These principles are:

• Security: The systems are protected against unauthorized physical and logical access
• Availability: The systems are available for operation and use as committed or agreed.
• Processing integrity: System processing is complete, accurate, timely and authorized.
• Confidentiality: Information designated as confidential is protected as committed or agreed.

• Privacy: Personal information is collected, used, retained, disclosed and destroyed in conformity with the commitments in the privacy notice and with criteria set forth in generally accepted privacy principles issued by the AICPA.

For more information about nCircle’s security and privacy practices, please visit the nCircle Trust Center.

About nCircle

nCircle is the leading provider of information risk and security performance management solutions to more than 6,500 businesses and government agencies worldwide. nCircle solutions enable enterprises of all sizes to (1) automate compliance and reduce risk, and (2) measure and compare the performance of their IT security program with their own goals and industry peers. nCircle solutions may be deployed on a customer’s premises, as a cloud-based service, or in combination, for maximum flexibility and value.

nCircle has won numerous awards for growth, innovation, customer satisfaction and technology leadership and has been ranked among the top 100 best places to work in the San Francisco Bay Area. nCircle is headquartered in San Francisco, CA, with regional offices throughout the United States and in London and Toronto. To learn how you can more effectively protect your company visit us at http://www.ncircle.com.

nCircle is a registered trademark of nCircle Network Security, Inc. All other registered or unregistered trademarks are the sole property of their respective owners.