Independent Audit Verifies Reflektive’s Internal Controls and Processes for Protecting Customers’ Most Valuable Assets – Their People – To Drive Operational Excellence
Reflektive, the real-time performance management leader, today announced it has achieved Service Organization Control (SOC) 2 Type 1 compliance, validating its adherence with SOC 2 enterprise-grade security standards for cloud-based platforms.
Governed by the American Institute of CPAs (AICPA), the stringent SOC 2 security examination and compliance standards allow enterprises to invest with confidence in Reflektive’s scalable solution that brings real-time feedback, agile goal alignment and employee engagement to performance management. As part of the compliance process, AICPA’s third-party audit confirmed Reflektive’s security policies, access and operating hardening measures, and data management procedures rigorously safeguard sensitive employee data collected and managed on the Reflektive platform.
“The SOC 2 audit is based on the Trust Services Principles and Criteria. Reflektive has selected the security, availability, and confidentiality principles for the basis of their audit,” said Joseph Kirkpatrick, Managing Partner with KirkpatrickPrice. “Reflektive delivers trust-based services to their clients, and by communicating the results of this audit, their clients can be assured of their reliance on Reflektive’s controls.”
Following triple-digit year-over-year revenue growth in the first half of 2017, this SOC 2 milestone supports Reflektive’s strategy for market expansion and customer growth. Its seamlessly-integrated solution is already trusted by more than 300 of the world’s best places to work, including Pinterest, Comcast, MuleSoft and Evolent Health. With SOC 2 compliance, Reflektive is positioned to provide any business real-time performance management and talent development solutions needed to create their employee-centric workplace to attract and retain top talent.
“Reflektive customers have always relied on us to keep data about their people — their most important assets — safe,” said Jimmie Tyrrell, Reflektive’s co-founder and head of security. “With an increase in demand from enterprise clients, SOC 2 compliance provides third-party approval of the way we manage information stored in the cloud. Our SOC 2 Type 1 report is a major step in rigorously enforcing how we protect our customers’ important data.”
SOC 2 engagements are based on the AICPA’s Trust Services Principles. SOC 2 service auditor reports focus on a Service Organization’s non-financial reporting controls as they relate to security, availability, processing integrity, confidentiality, and privacy of a system. KirkpatrickPrice’s service auditor report verifies the suitability of the design and operating effectiveness of Reflektive’s controls to meet the criteria for these principles. In addition, Reflektive’s measures for detecting and mitigating any potential suspicious activity were reviewed and validated, along with its implementation of forensic and corrective measures to prevent any future such events.
Related Resources
- Reflektive Blog: https://reflektive.com/soc-2-compliance-enterprise/
- Reflektive E-books, Webinars and Videos: https://reflektive.com/resources/
- Reflektive Product Overview: https://reflektive.com/products/
- SOC 2 Compliance and Audit Reports information: https://kirkpatrickprice.com
About KirkpatrickPrice, LLC
KirkpatrickPrice is a licensed CPA firm, PCI QSA, and a HITRUST CSF Assessor, registered with the PCAOB, providing assurance services to over 600 clients in more than 48 states, Canada, Asia, and Europe. The firm has over 11 years of experience in information security and compliance assurance by performing assessments, audits, and tests that strengthen information security and internal controls. KirkpatrickPrice most commonly provides advice on SOC 1, SOC 2, HIPAA, HITRUST CSF, PCI DSS, ISO 27001, FISMA, and CFPB frameworks.