Compliance and Certification Table

Kiteworks touts a long list of compliance and certification achievements.

Frequently Asked Questions

SOC 2 (Service Organization Control 2) is a widely recognized auditing standard developed by the American Institute of Certified Public Accountants (AICPA) for evaluating a service organization’s data security and privacy practices. The AICPA has established five trust principles that serve as the basis for SOC 2 compliance: security, availability, processing integrity, confidentiality, and privacy. SOC 2 compliance helps organizations demonstrate their commitment to protecting customer information, providing assurance to their customers and business partners. In order to demonstrate SOC 2 compliance, organizations are evaluated for the effectiveness of their controls related to the security, availability, processing integrity, confidentiality, and privacy of customer data. SOC 2 compliance is not a one-time event. Organizations must undergo regular audits to maintain their SOC 2 compliance status.

SOC 2 compliance is important because it helps organizations enhance data security and privacy, build trust with their customers, and comply with regulatory requirements. SOC 2 compliance also assures customers and business partners that an organization has effective controls in place to protect their sensitive content.

To become SOC 2 compliant, an organization must undergo an audit conducted by an independent auditor. The audit evaluates the effectiveness of the organization’s controls related to the five trust principles established by the AICPA: security, availability, processing integrity, confidentiality, and privacy. The audit process typically involves a risk assessment to identify potential security risks and implement controls to mitigate those risks. The audit process also includes a review of the organization’s policies, procedures, and systems, as well as interviews with employees and a site visit. Organizations must undergo regular audits to maintain their SOC 2 compliance status.

SOC 2 compliance offers several benefits to organizations, including: improved data security and privacy practices by having identified areas for improvement and implementing effective controls; stronger trust with customers and business partners by demonstrating a commitment to data security and privacy; and additional business opportunities by having satisfied customer and partner requirements for data security and privacy.

The five trust principles established by the AICPA for SOC 2 compliance are:

  • Security: The system is protected against unauthorized access, both physical and logical.
  • Availability: The system is available for operation and use as committed or agreed upon.
  • Processing integrity: System processing is complete, accurate, timely, and authorized.
  • Confidentiality: Information designated as confidential is protected as committed or agreed upon.
  • Privacy: Personal information is collected, used, retained, disclosed, and destroyed in accordance with the organization’s privacy notice and with the criteria set forth in the AICPA’s privacy principles.



Get started.

It’s easy to start ensuring regulatory compliance and effectively managing risk with Kiteworks. Join the thousands of organizations who feel confident in their content communications platform today. Select an option below.


Avec Kiteworks, se mettre en conformité règlementaire et bien gérer les risques devient un jeu d’enfant. Rejoignez dès maintenant les milliers de professionnels qui ont confiance en leur plateforme de communication de contenu. Cliquez sur une des options ci-dessous.

Jetzt loslegen.

Mit Kiteworks ist es einfach, die Einhaltung von Vorschriften zu gewährleisten und Risiken effektiv zu managen. Schließen Sie sich den Tausenden von Unternehmen an, die sich schon heute auf ihre Content-Kommunikationsplattform verlassen können. Wählen Sie unten eine Option.

Get A Demo