The Service Organization Control (SOC 2) report is based on the existing SysTrust and WebTrust principles. The purpose of the SOC 2 report is to evaluate an organization’s information systems relevant to security, availability, processing integrity, confidentiality, or privacy.
InVision completes the SOC 2 Type 2 examination annually. Existing Enterprise and Private Cloud customers can receive InVision’s SOC 2 report by contacting their account executive and completing an NDA.
The SOC 3 report is a redacted version of the SOC 2 report. The SOC 3 report summarizes the SOC 2 report, but it excludes details of the associated controls and control results. If you’d like, you can request the SOC 3 report.