When you work with Sage Intacct, you entrust us with your company's highly confidential business information. We take that seriously and wanted to take a moment to update our users regarding the recent completion of our first SOC 2 Type II attestation.

Sage Intacct has a variety of tool and procedures in place that are designed to prevent unauthorized programs, systems, and users from gaining access or control of system processes, resources, and data. As a background, Sage Intacct currently has SSAE 18 (SOC 1 Type II), PCI-DSS, Privacy Shield certifications, and this SOC 2 Type II certification is a new (and welcome!) addition. 

Developed by the American Institute of Certified Public Accountants (AICPA), SOC 2 Type II is applicable to service providers that are using the cloud to store customer data – which essentially includes any and every SaaS company, along with any organization that utilizes the cloud to store customer information.

The AICPA has established wide-ranging criteria for handling customer data grounded on five “trust service principles.” To achieve SOC 2 Type II companies are required to pass the security principle, and are additionally encouraged to establish and follow strict information policies and procedures on all five, which include:

1.       Security

2.       Availability

3.       Processing integrity

4.       Confidentiality

5.       Privacy

Sage Intacct’s SOC 2 Type II certification was issued by outside auditors based on the systems and processes in place. By receiving SOC 2 Type II certification, Sage Intacct has proven that our customer’s information security measures are in line with the unique parameters of today’s cloud requirements.

While SOC 2 Type II compliance isn’t a requirement for SaaS and cloud computing vendors, Sage Intacct is proud to add this certification as one more proof-point to the extensive commitment to security we offer each and every user.

To learn more about the security that Sage Intacct offers, please visit this page.