Phocas achieves SOC2 Type II Compliance


Phocas Software have announced the successful completion of its System and Organisation Controls 2 Type II (SOC 2 Type II) examination. The SOC 2 Type II qualification reinforces the company’s ongoing commitment to data security.

SOC 2 Type II reports are recognised globally and affirm that Phocas’ infrastructure, software, people, data, policies, procedures and operations have been formally reviewed.

The external audit examined how well Phocas data security systems and controls performed over a 12-month period. The Type II accreditation is a progression from the Type I audit completed by Phocas in 2021.

Myles Glashier, founder and CEO of Phocas says data security is a priority for the privately-owned global software business.

“Our customers rely on us every day to store and process critical information so they can do the jobs that need accurate data like managing cashflow, budgeting, forecasting and workforce planning, which makes protecting that data essential,” said Glashier.

Business owners, CFOs, accountants and sales managers need to have assurance that their sensitive data is safe within our cloud-based ecosystem, so our infrastructure and processes need to be aligned,” explained Glashier.

“A dedicated team at Phocas looks after the data systems and controls and carry out regular testing. We also work closely with world-class technology partners like AWS. It’s imperative with the rise of cyberattacks to undergo audits to ensure our high standards are maintained and assessed. It gives us and our customers great peace of mind that the measures are in place to keep their data and their customers’ data safe by having achieved all requirements of SOC 2 Type II,” said Glashier.

Established by the American Institute of Certified Public Accountants (AICPA), the SOC 2 examination is designed for organizations of any size, regardless of industry and scope, by ensuring the personal assets of their potential and existing customers are protected.

The independent examination, conducted by global cybersecurity assessment firm A-LIGN validated Phocas’ security practices and controls. A-LIGN was satisfied Phocas met the Trust Services principles and criteria for security and availability from January to December 2022.


Related posts

Scroll to Top