Today, I’m proud to announce that TUNE has concluded successful audits for SOC 2 Type II certification and SOC 1 Type II certification, receiving positive reports for both.
This is the fourth year in a row TUNE has earned a clean bill of health in its SOC 2 Type II audit, which evaluates service organization controls relevant to security. It’s the second consecutive year TUNE has completed a successful SOC 1 Type II audit, which tests the suitability of financial reporting system design and operating effectiveness.
What Is SOC?
SOC stands for System and Organization Controls, a component of the American Institute of CPAs’ (AICPA) reporting platform. SOC audits for Service Organizations are intended to assure the security, availability, processing integrity, confidentiality, and privacy of customer data.
Use of an independent third-party audit to review privacy, security, and reporting controls is an investment that companies do not take lightly. The audit process tests the sufficiency of a company’s procedures and execution on a variety of systems. It also requires active employee engagement across a broad swath of the company.
SOC 2 audits are both technical and pragmatic; they require a company to document and comply with comprehensive information security policies and procedures. SOC 1 audits focus on user entities, testing their relevant internal controls over financial reporting. Positive reports for both audits signal that TUNE customers can expect high standards across TUNE’s data security and privacy practices as well as quality control from TUNE reporting.
Type I vs Type II Reports
Each audit period, TUNE has voluntarily pursued the more stringent and comprehensive Type II report rather than a Type I report. Type II reports require a company to test its policies and procedures over a lengthy time period, whereas Type I reports test a single moment in time.
TUNE’s usual audit period for SOC 2 and SOC 1 covers 12 months, demonstrating our ongoing effort to uphold the Trust Services Principles.
TUNE’s Commitment to Security
TUNE pursues SOC audits and other voluntary examinations to both improve our practices and demonstrate our commitment to provide trustworthy and transparent solutions for our customers, partners, and employees. We view the feedback loop generated from periodic third-party reviews — including active dialogue with auditors — as the best means to improve forward-looking operations.
TUNE previously completed SOC 2 Type II audits covering periods of time in 2017, 2018, and 2019, and a SOC 1 Type II audit in 2019. We intend to sustain our investments in a customer-centric compliance program in the years to come.
Relevant portions of both the SOC 2 Type II and SOC 1 Type II reports are available upon request to [email protected] for TUNE customers as well as prospects under a non-disclosure commitment.
To learn more about how TUNE approaches data security and privacy, click here.
Author
As COO, Cameron oversees operations at TUNE, including human resources, global office operations, IT and customer service teams. Previously, Cameron was GM leading TUNE's flagship product, HasOffers, actively contributing to business development and product strategies. Before joining the company in 2009, Cameron worked with Robert Half International for Fortune 500 clients, developing and maintaining relationships by consulting corporations on their organizational development and staffing needs. Since joining TUNE in 2009, Cameron has combined his business development and leadership experience with customer-centric views to deliver an experience that revolutionizes customer care standards in the industry. Cameron graduated from Washington State University with a Bachelor’s in Finance and Economics.
