Submittable’s Got You: SOC 2 Type 2

11/20/2019

Submittable is proud to work with you and devoted to keeping your organization’s vital data secure. To this end, our team is thrilled to announce a recent milestone: the platform is now SOC 2 Type 2 certified. 

This achievement is a testament to Submittable’s data security and privacy, for everyone who interacts with our platform. We know that your organization is not only concerned with your own data security, but also that of hundreds or even thousands of your submitters and applicants. Here are the basics:

What is SOC 2 Type 2?

Developed by the American Institute of Certified Professional Accountants (AICPA), a Service Organization Control (SOC) 2 audit assesses data protection among cloud-based service providers like Submittable. 

SOC 2 audits are performed by certified third parties, ensuring accuracy and impartiality. Whereas a SOC 2 Type 1 audit tests vendor controls at a single point in time, Type 2 is notably more comprehensive and rigorous, requiring between six and twelve months of assessment. A SOC 2 Type 2 audit is the most thorough appraisal available within the SOC protocol. 

AICPA SOC certification logo

Why is this certification important to Submittable?

In October of 2018, Submittable underwent a SOC 2 Type 1 audit which successfully demonstrated the software’s adherence to applicable AICPA trust services criteria. Given Submittable’s stalwart commitment to user data security, obtaining a SOC 2 Type 2 certification was a natural and important next step. 

Submittable’s latest audit was performed by AICPA licensed auditors at A-LIGN, a leading cybersecurity and compliance professional services firm. A-LIGN tested the real-world suitability and effectiveness of our security controls over a 10 month period and awarded Submittable a SOC 2 Type 2 certification in October of 2019.

What does SOC 2 Type 2 mean for you?

You rely on Submittable to streamline the submission process, a process in which data is integral. Because our team values your confidence in the software’s privacy and security procedures, Submittable takes the responsibility of protecting your data very seriously. 

While you won’t notice changes to the platform related to SOC 2 Type 2, you can feel good knowing that Submittable is always working to keep your organization’s, submitters’ and applicants’ data secure. 

And this commitment goes beyond our current certification. Submittable is dedicated to maintaining continuous SOC 2 Type 2 audit coverage on an annual basis. Your data security and privacy is important to our team, and essential to the future of our service. We thank you for using Submittable. 

Rachel Mindell

Rachel Mindell is a content creator and strategist for Submittable's Marketing and Product Teams. She also writes and teaches poetry. You can find Rachel's creative work here: rachelmindell.com