Cassie announced it has successfully completed the System and Organization Controls (SOC) 2 Type II examination in recognition of its commitment to information security.  Developed by the American Institute of CPAs, the System and Organization Controls 2, also known as SOC 2, evaluates organisations five ‘trust service principles’ for managing customer data – security, availability, processing integrity, confidentiality, and privacy.

An SOC 2 examination is one of the most stringent evaluations of an organisation’s internal controls for customer data and sensitive information. It is the standard for data security among digital companies across many different industries in the US.

“Cassie is in the business of helping our customers understand and comply with complex data protection standards. This recognition demonstrates Cassie’s commitment to the highest level of accountability when it comes to our own internal controls, so our customers can trust Cassie to advise them on the complexity of today’s data landscape,” said CEO Glenn Jackson “Cassie’s SOC II certification serves as a stamp of approval and it distinguishes Cassie among compliance and consent service providers in the US.”

An independent auditor, Insight Assurance, conducted the detailed examination that evaluated the operational effectiveness of Cassie’s controls and the security of all of Cassie’s third-party vendors. The process also allowed Cassie to define policies to ensure continued protection for customers and employees, ensuring the safety of these parties’ data at present and ensuring appropriate standards for upholding it in the future.

Cassie is excited to be taking this important step to further its data protection practices as it continues to grow its consent and preference management business in the US.

“We are thrilled to announce that Cassie has successfully completed the SOC 2 Type II examination, demonstrating our unwavering commitment to protecting our customers’ sensitive data,” said Cassie CTO David Murfitt. “This achievement reflects our continued investment in robust security controls and rigorous policies to maintain the highest standards of data protection. With this recognition, our customers can trust that their information is secure and protected at all times, and we will continue to prioritise data security as a core part of our business.”