30 January 2024

Solvinity completes SOC 1 and SOC 2 audit successfully again in the private cloud and Azure cloud

Once again, for the fourth consecutive year, Solvinity has received new SOC 1 (ISAE 3402) and SOC 2 reports with an “unqualified opinion” from KPMG for the Solvinity private cloud and the Azure public cloud. This means that the design, implementation, and operation of required measures in the areas of security, availability, and confidentiality have been positively tested. This confirms that we can meet our service commitments and system requirements, and the entire management environment complies with strict international standards for IT service providers. 

In 2020, Solvinity became the first Dutch IT service provider with a SOC 2 report for the Azure management environment. This is particularly relevant for financial institutions with hybrid cloud platforms that must comply with stringent compliance requirements and want to mitigate outsourcing risks. 

Martin Maas, CISO at Solvinity: “Organizations for whom compliance is essential, such as banks, insurance companies and the government, must be able to provide evidence of assurance from their IT service provider. Thanks to these standards and the audits, they can show that their data is in reliable hands, and they continue to be supported in enhancing their resilience – in both private and hybrid cloud environments. 

Topics covered in the audit

The SOC 2 Type II audit examines and reports on the internal measures related to the security, availability, and confidentiality of a system. The reports cover the Solvinity management infrastructure and the common tools and processes the company uses to manage services to customers in the private cloud and the public cloud (Microsoft Azure). 

While much of this is technical – for example, how we configure backups or perform emergency patches – it also covers non-technical areas, such as the execution of vendor risk management, the recruitment processes within HR, or the conduct of an annual independent financial audit covering fraud risk. 

Achieving these reports does not mean that we now sit back and relax. SOC compliance is an ongoing process that requires continuous attention and is constantly updated based on market demands and changing laws and regulations. 

Sign up for the Solvinity Newsletter

Receive the latest news, blogs, articles and events.
Subscribe to our newsletter.

Other articles