January 31, 2022
MaintainX Announces SOC 2 Type 2 Compliance Renewal and ISO 27001 Certification
We are pleased to announce that the MaintainX platform has received its SOC 2 Type 2 compliance renewal and was recently ISO 27001 certified.
MaintainX Platform Receives SOC 2 Type 2 Compliance Renewal
MaintainX first received its SOC 2 Type 2 Compliance notification in 2020. A SOC 2 Type 2 compliance designation is an external audit confirming that MaintainX’s internal controls protect customer information. The audit specifically focused on MaintainX’s description of its organizational system and identified that the organization’s internal controls are designed and operating effectively.
According to the American Institute of CPAs (AICPA), which administers SOC 2, the objective of the certification “is to provide a means by which organizations can communicate useful information regarding their cybersecurity risk-management programs to stakeholders, and CPAs can examine and report on such information, thereby increasing the confidence stakeholders can place on such information.”
We designed MaintainX to meet the crucial industry practices that support the same criteria that SOC 2 requires of service providers. We take our risk-management responsibilities seriously to protect clients’ privacy and data from cyber-attacks.
MaintainX Platform Earns ISO 27001 Certification
The MaintainX platform received ISO 27001 certification, performed by Cadence Assurance, LLC, confirming that we protect our customers’ information, the privacy of their data, and supporting services.
According to the International Organization for Standardization, its internationally accepted ISO 27001 (also known as ISO/IEC 27001:2013) “specifies the requirements for establishing, implementing, maintaining, and continually improving an information security management system within the context of the organization. It also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization.”
MaintainX created an ISMS Information Security Policy in accordance with ISO 27001 that governs the processes required to protect company and information assets. ISMS stands for Information Security Management System and focuses on three crucial aspects of information security and management: confidentiality, integrity, and security. In addition, the ISMS meets the requirements of GDPR (General Data Protection Regulations) compliance, privacy, and security laws, drafted and passed by the European Union and required of companies doing business in the EU.
MaintainX uses ISO 27001 Information Security frameworks to identify and maintain the assets, technologies, and processes needed to protect customer information (confidentiality, integrity, availability, and privacy) and comply with contractual agreements. Likewise, MaintainX employees undergo information security training to align their daily operations with MaintainX’s information security goals and objectives.
MaintainX helps its customers track their reactive and preventive maintenance and control their daily operations, such as safety inspections, quality inspections, and operation checklists, all with a digital audit trail.