February 13, 2023
CMMS
MaintainX Does It Again: SOC 2 Type 2 Compliance Renewal and ISO 27001 Certification
MaintainX Earns SOC 2 Compliance Renewal and ISO 27001 Certification
Once again, we are pleased to announce that the MaintainX platform has earned SOC 2 Type 2 compliance renewal and ISO 27001 certification.
It’s 2023: MaintainX Platform Earns SOC 2 Type 2 Compliance Renewal Again!
We received our first SOC 2 Type 2 Compliance notification in 2020. And we’ve just earned it again in 2023.
The SOC 2 Type 2 compliance designation is an external audit of MaintainX’s internal controls that protect customer information. The audit specifically focuses on MaintainX’s description of its organizational system and attests that the organization’s internal controls are designed and operating effectively.
As the compliance renewal reinforces, MaintainX fulfills the crucial industry standards that SOC 2 criteria require. We wholeheartedly accept our risk-management responsibilities to protect clients’ privacy and data from cyber-attacks.
According to the American Institute of CPAs (AICPA), which administers SOC 2, the objective of the certification:
“is to provide a means by which organizations can communicate useful information regarding their cybersecurity risk-management programs to stakeholders, and CPAs can examine and report on such information, thereby increasing the confidence stakeholders can place on such information.”
Speaking to the quality and purpose of its SOC 2 audit, AICPA explains:
“Accounting professionals serve as capital market gatekeepers. Their skepticism, judgment, expertise and commitment to the public interest inform their work to audit, assure and report on the financial and non-financial information private and public companies, non-profits and governments produce.”
MaintainX Platform Earns ISO 27001 Certification Again!
As with our 2023 SOC 2 renewal, the MaintainX platform received ISO 27001 certification. The certification confirms once again how seriously we take the protection of our customers’ information, the privacy of their data, and their supporting services.
According to the International Organization for Standardization, its internationally accepted ISO 27001:2022 (previously known as ISO/IEC 27001:2013):
“specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization.”
MaintainX created an ISMS Information Security Policy in accordance with the ISO standard to govern the processes required to protect company and information assets. ISMS stands for Information Security Management System. It focuses on three crucial aspects of information security and management: confidentiality, integrity, and security. In addition, ISMS meets GDPR (General Data Protection Regulation) requirements. These requirements include compliance, privacy, and security laws, drafted and passed by the European Union in 2016, and required of companies doing business in the EU beginning in 2018.
MaintainX uses ISO 27001 Information Security frameworks to identify and maintain the technologies, processes, and assets needed to protect customer information (confidentiality, integrity, availability, and privacy) and comply with contractual agreements. Furthermore, all MaintainX employees undergo information security training to align our daily operations with MaintainX’s information security goals and objectives.
MaintainX helps our customers track their reactive and preventive maintenance and control their daily operations, such as safety inspections, quality inspections, and operation checklists, all with a digital audit trail.