riskmethods announces successful SOC 2 Type 2 audit


BOSTON & MUNICH – (05.04.2022) — riskmethods, a global leader in supply chain risk management, announces the successful completion of its System and Organization Controls 2 Type 2 (SOC 2 Type 2) audit for the period of July-September 2021, as part of riskmethods’ commitment to protecting its customers’ sensitive information in every industry. 

The independent examination, conducted by leading cybersecurity assessment firm A‑LIGN, validates our organizational operating effectiveness, and confirms that riskmethods’ security practices and controls meet the Trust Services Principles and Criteria for security, availability, processing integrity, confidentiality, and privacy over an extended period. 

As more companies rely on cloud-based solutions, there is an increasing need for trust and transparency of technology providers. This independent validation of security controls is also crucial for customers in highly regulated industries. 

“Our customers rely on us for building resilience and trust with their suppliers and partners. Within this critical process, they trust us not only with the resiliency process, but also with their sensitive and confidential data, which is why this topic is top priority for us. Although this was our first SOC 2 Type 2 audit, implying a learning curve for the whole organization, we are proud to say that we have matched expectations on all aspects, as we have been living those controls and already operating by them informally. We are committed to moving forward to keep up with the latest standards,” said riskmethods founder and CEO Heiko Schwarz. 

Huw Pegler, VP of Sales EMEA at A-LIGN adds: “SOC 2 is a challenging audit for many service providers. We are now seeing more organizations outside the US requiring their providers to demonstrate SOC 2 compliance, meaning that it is becoming a truly global framework. As a trusted third-party security and compliance firm, A-LIGN scrutinizes client data processes and procedures, governance on internal controls, and security posture. The success of riskmethods’ SOC 2 Type 2 examination of its Supply Chain Risk Management Services System confirms the company’s ability to maintain a strong information security posture, and further reiterates its commitment to its customers in information security management standards to mitigate cybersecurity risks.” 

Established by the American Institute of Certified Public Accountants (AICPA), the SOC 2 examination is designed for organizations of any size, regardless of industry and scope, by ensuring the personal assets of their potential and existing customers are protected. SOC 2 reports are recognized globally and affirm that a company’s infrastructure, software, people, data, policies, procedures, and operations have been formally reviewed.   




Back to top