<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=229461991482875&amp;ev=PageView&amp;noscript=1">

At Gatekeeper, we continually invest in security best practices to ensure that our client’s data stays safe and secure. As a part of an ongoing effort, we are excited to announce that we’ve successfully passed our SOC 2 assessment. 

The examination was conducted by A-LIGN, a technology-enabled security and compliance firm trusted by more than 2,500 global organisations to help mitigate cybersecurity risks.

“Gatekeeper’s SOC 2 report validates its commitment to data security and protection, as well as compliance with critical standards to mitigate cybersecurity threats.” 


Keeping our customers protected 

Gatekeeper’s control framework was independently audited to assess our compliance with the SOC 1 Type 1 & 2 and SOC 2 Type 2 framework. We chose to assess our internal controls across the whole business including leadership strategy and corporate governance, but the key focus was on the Gatekeeper platform and its:

  • Security
  • Privacy
  • Confidentiality
  • Privacy
  • System Access Control 

SOC 2 governs how Gatekeeper manages customer data and has a great deal of cross-over with the ISO27001 accreditations we have held for 5+ years. Whilst ISO has global appeal, SOC 2 will provide additional comfort to our US-based customers that their data is protected. 

What Is SOC 2?

Rather than a cybersecurity assessment that evaluates specific technical configurations, a SOC 2 report focuses more on how an organisation implements and manages controls to mitigate the identified risks to the different parts of an organisation.

The SOC 2 audit testing framework is based on the Trust Services Criteria (TSC), which are used to identify various risks an organisation should consider addressing. There are five Trust Services Criteria.

The first criteria, Security, must be included with every SOC 2 report and is referred as the “Common Criteria”. The remaining four are optional to include:

  • Security (required)
  • Availability (optional)
  • Processing Integrity (optional)
  • Confidentiality (optional)
  • Privacy (optional)

Reports available upon request 

Gatekeeper will make the SOC 2 report available to current or potential customers upon execution of a non-disclosure agreement.  We hope the steps we have taken help you remain confident in knowing that your data is secure with Gatekeeper. 

Gatekeeper values the trust of its customers and that’s why we’re committed to providing the highest levels of security, availability and confidentiality,” 

says Patrick O’Connor, CEO of Gatekeeper. 'Passing both SOC 1 Type 2 and SOC 2 Type 1 assessments, in addition to our existing ISO 9001 and ISO 27001 certificates, demonstrates our ongoing dedication to protecting customers and their data.'


To learn more about our security policies and initiatives, please contact a member of the team.

Shannon Smith
Shannon Smith

Shannon Smith bridges the gap between expert knowledge and practical VCLM application. Through her extensive writing, and years within the industry, she has become a trusted resource for Procurement and Legal professionals seeking to navigate the ever-changing landscape of vendor management, contract management and third-party risk management.

Tags

Contract Management , Control , Vendor Management , Compliance , Contract Lifecycle Management , Contract Management Software , Visibility , Contract Lifecycle , Case Study , Vendor and Contract Lifecycle Management , Supplier Management , Vendor Management Software , Contract Risk Management , Contract Management Strategy , Contract Repository , Regulation , Risk Mitigation , Third Party Risk Management , Contract Automation , Regulatory compliance , VCLM , TPRM , Workflows , Artificial Intelligence , CLM , Contract Ownership , Contract Visibility , Contract and vendor management , Contracts , Procurement , Supplier Performance , Supplier Risk , contract renewals , Legal , Legal Ops , NetSuite , Podcast , Risk , Vendor Onboarding , Contract compliance , Financial Services , Future of Procurement , Gatekeeper Guides , Procurement Reimagined , Procurement Strategy , RFP , Supplier Relationships , Business continuity , CLM solutions , COVID-19 , Contract Managers , Contract Performance , Contract Redlining , Contract Review , Contract Risk , ESG , Metadata , Negotiation , SaaS , Supplier Management Software , Vendor Portal , Vendor risk , webinar , AI , Clause Library , Contract Administration , Contract Approvals , Contract Management Plans , Cyber health , ESG Compliance , Kanban , Market IQ , RBAC , Recession Planning , SOC Reports , Security , SuiteWorld , Sustainable Procurement , collaboration , Audit preparedness , Audit readiness , Audits , Business Case , Clause Template , Contract Breach , Contract Governance , Contract Management Audit , Contract Management Automation , Contract Monitoring , Contract Obligations , Contract Outcomes , Contract Reporting , Contract Tracking , Contract Value , DORA , Dashboards , Data Fragmentation , Digital Transformation , Due Diligence , ECCTA , Employee Portal , Excel , FCA , ISO Certification , KPIs , Legal automation , LegalTech , Mergers and Acquisitions , Obligations Management , Partnerships , Procurement Planning , Redline , Scaling Business , Spend Analysis , Standard Contractual Clauses , SuiteApp , Suppler Management Software , Touchless Contracts , Vendor Relationship Management , Vendor risk management , central repository , success hours , time-to-contract , APRA CPS 230 , APRA CPS 234 , Australia , BCP , Bill S-211 , Biotech , Breach of Contract , Brexit , Business Growth , CCPA , CMS , CPRA 2020 , CSR , Categorisation , Centralisation , Certifications , Cloud , Conferences , Confidentiality , Contract Ambiguity , Contract Analysis , Contract Approval , Contract Attributes , Contract Challenges , Contract Change Management , Contract Community , Contract Disengagement , Contract Disputes , Contract Drafting , Contract Economics , Contract Execution , Contract Intake , Contract Management Features , Contract Management Optimisation , Contract Management pain points , Contract Negotiation , Contract Obscurity , Contract Reminder Software , Contract Requests , Contract Routing , Contract Stratification , Contract Templates , Contract Termination , Contract Volatility , Contract relevance , Contract relevance review , Contracting Standards , Contracting Standards Review , Cyber security , DPW , DPW, Vendor and Contract Lifeycle Management, , Data Privacy , Data Sovereignty , Definitions , Disputes , EU , Electronic Signatures , Enterprise , Enterprise Contract Management , Financial Stability , Force Majeure , GDPR , Gatekeeper , Healthcare , ISO , IT , Implementation , Integrations , Intergrations , Key Contracts , Measurement , Microsoft Word , Modern Slavery , NDA , Operations , Parallel Approvals , Pharma , Planning , Port Agency , Pricing , RAG Status , Redlining , Redlining solutions , Requirements , SaaStock , Shipping , Spend optimzation , Startups , Supplier Cataloguing , Technology , Usability , Vendor Categorisation , Vendor Consolidation , Vendor Governance , Vendor Qualification , Vendor compliance , Vendor reporting , Voice of the CEO , automation , concentration risk , contract management processes , contract reminders , cyber risk , document automation , eSign , enterprise vendor management , esignature , post-signature , remote working , vendor centric , vendor lifecycle management

Related Content

 

subscribe to our newsletter

 

Sign up today to receive the latest GateKeeper content in your inbox.

Subscribe to Email Updates