As a testament to our commitment to providing efficient and secure digital reality solutions, we proudly announce that we have completed the System and Organization Controls 2 (SOC 2) Type 2 examination for FARO Sphere (Legacy) and FARO Sphere XG (HoloBuilder™).
Obtaining the internationally recognized SOC 2 Type 2 attestation demonstrates FARO ’s secure organizational posture for optimum safety regarding process monitoring, encryption.
“Security, compliance and privacy have always been at the core of what we do and with the SOC 2 Type 2 attestation, we’ve received a third-party validation. Our customers can be assured that we will continue to provide services that meet the industry’s highest standards.”
—Matt Stockham, Senior Director, Information Security, FARO Technologies, Inc.
What does the SOC 2 Type 2 attestation mean?
There are 2 types of SOC reports:
- Type 1: describes a Vendor’s systems and whether their design is suitable to meet relevant trust principles.
- Type 2: details the operational effectiveness of these systems.
Unlike SOC 2 Type 1 attestation, obtaining SOC 2 Type 2 attests an organization’s security framework design and operating effectiveness over a period of time, in this case 12 months. FARO expects to provide a SOC 2 Type 2 report on an annual basis.
How does this affect you?
Obtaining the subsequent SOC 2 Type 2 attestation provides you with confirmation that FARO is meeting our documented security and availability standards. These include:
- Security processes adhering to industry best-practices
- Efficient and holistic disaster management procedures
- Documented and efficient processes concerning sensitive data
How do you obtain a copy of the report
Please send your request to your customer success manager or send an email directly to email@example.com. Our team will get back to you with the required steps to receive the corresponding report for review.
Who did the SOC 2 Type 2 audit?
The examination was conducted by A-LIGN, a technology-enabled security and compliance firm trusted by more than 4,000 global organizations to help mitigate cybersecurity risks. The SOC 2 audit testing framework is based off of the Trust Services Criteria (TSC), which are used to identify various risks (points of focus) an organization should consider addressing. Based on the TSCs the organization selects to be in-scope, the third-party compliance and audit firm evaluates whether the organization has the appropriate policies, procedures and controls in place to manage the identified risks effectively.