I wanted to share some exciting news with our current and future customers!
On February 1, 2019, Viewpoint earned SOC 2 Type 1 certification on seven products within our global portfolio as reported by independent auditor Moss Adams, LLP – the climactic denouement of a collaborative yearlong effort. The SOC 2, Type 1 certification should inspire confidence among our global client base that our systems and processes satisfy the SOC 2 security control standards (as denoted in the AICPA Trust Services Criteria for Security).
Security is a priority at Viewpoint and obtaining SOC 2, Type 1 certification reinforces our security commitment, proving that we have controls and the associated procedures, designed to provide a secure cloud platform. We realize that protecting data is important to our customers when selecting a cloud solution partner and we are proud to provide such an assurance to our customers!
The Proof and the Process
The process to achieve SOC 2 Type 1 certification was internally collaborative and lengthy. In advance of the audit, we worked diligently to prepare, and we underwent examination in October 2018. Our auditor thoroughly reviewed our controls, procedures, and product documentation around our security practices and examined the security controls in our products and cloud platforms. The audit culminated in a report providing confirmation that Viewpoint’s security controls meet the applicable TSC for SOC2, Type 1.
A Continuing Commitment to Cloud Security
But we’re not stopping there! We want to be one of the most secure and predictable cloud partners our customers leverage. We are continuing down the SOC 2 certification path by working toward achieving SOC 2 Type 2 certification in 2019, which will complement our ISO27001:2013 certification which covers the development of our Viewpoint for Projects product in the UK.
Beyond audits and external certifications, we strive to continue to be a leader in the construction software industry by leveraging common well known frameworks to facilitate a risk-based stratagem to security, adopting industry best practices for controls, and creating applications with a secure software development lifecycle (SSDLC). Look for a product security statement on our website www.viewpoint.com later this year.
If you are a customer or prospective customer you may contact our Legal department to obtain a copy. We may require a NDA, as the SOC 2 Type 1 report is confidential information. Please send all inquiries to firstname.lastname@example.org.