St. Louis, MO – Tuesday, September 10, 2024 – Comprose announced today that it has achieved SOC 2 Type II compliance in accordance with the American Institute of Certified Public Accountants (AICPA) standards for SOC for Service Organizations, commonly known as SSAE 18. In addition, COMPROSE, INC. has successfully maintained the ISO 27001 certification, a globally recognized standard for information security management systems (ISMS), through a Surveillance audit.
Achieving these certifications validates that COMPROSE, INC. provides enterprise-level security and protection for customer data, offering peace of mind that their information is handled with the highest standards of security and integrity.
"Our team is proud to have achieved both SOC 2 and ISO 27001 certifications for another year. At the core of our mission is the security and trust of our clients, and these achievements reinforce our dedication to safeguarding their information at every level. It’s especially important to have used our own Zavanta software to not only gain these certifications, but to have also cut our audit time in half,” says John Lewis, Comprose President.
Comprose achieved SOC 2 and ISO 27001 certifications by partnering with Vanta and using our own software, Zavanta’s comprehensive policy and procedure management system. Zavanta played a crucial role in automating the creation, review, and approval of documents, ensuring that all policies were up-to-date, accessible, and compliant. Our Zavanta features, like version control, cross-linking, filters, and robust access controls, provided a seamless and efficient way to organize and manage critical documents.
Zavanta's ability to verify employee understanding through read receipts, e-signatures, and compliance testing also demonstrated to auditors that Comprose’s full team fully adhered to security protocols – all while keeping security protocols internal and with resources readily available to the team. Zavanta’s system created a structured environment for maintaining documentation, setting a solid foundation for ongoing compliance and future recertifications.
Comprose’s security and compliance principles guide how we deliver our products and services, enabling people to simply and securely access the digital world.
SOC 2 and ISO 27001 demonstrate Comprose’s commitment to these principles, reinforcing that stringent operational controls are in place to secure customer data and ensure availability. These certifications reflect COMPROSE’s unwavering dedication to information security, positioning the company as a trusted partner.
About Comprose
Comprose, founded in 1987, is a leading provider of intentionally designed policy and procedure (P&P) and standard operating procedure (SOP) software. The company is dedicated to helping people thrive by gaining access to accurate “how-to” knowledge anytime, anyplace, in any language. Comprose's solution enables organizations to improve performance, ensure compliance, mitigate risks, and drive measurable business improvements.
About Prescient Assurance
COMPROSE, INC. was audited by Prescient Assurance, a leader in security and compliance attestation for B2B SAAS companies worldwide. Prescient Assurance is a registered public accounting in the US and Canada and provides risk management and assurance services, which include, but are not limited to, SOC 2, PCI, ISO, NIST, GDPR, CCPA, HIPAA, and CSA STAR. For more information about Prescient Assurance, you may reach out to them at info@prescientassurance.com.
An unqualified opinion on a SOC 2 Type II audit report demonstrates to COMPROSE, INC.’s current and future customers that they manage their data with the highest standard of security and compliance.