Industry-Standard Accreditation
The SOC 2 audit is one the highest recognized standards of information security compliance in the world. It was developed by the American Institute of CPAs (AICPA) to allow a third-party auditor to validate a service company’s internal controls with respect to information security. The SOC 2 Audited Report is the auditor’s opinion on how an organization’s security controls meet the SOC 2 criteria.
To obtain our audited SOC 2 Report, a third-party auditor reviewed our internal controls including policies, procedures and infrastructure regarding data security, firewall configurations, change management, logical access, backup and disaster recovery, security incident response and other critical areas of our business.
Thanks to a company-wide effort at Inflectra and with the help of our friends at Secureframe, we successfully achieved compliance and received an Auditor’s Report demonstrating that our policies, procedures, and infrastructure meet or exceed the SOC 2 criteria.
We believe the relationship with our customers must be built on trust. The successful completion of our SOC 2 Report is one of many ways that we have planned to earn and retain that trust. SOC 2 is just one aspect of our growing security program. We are committed to continually improving our information security program and retaining an annual SOC 2 audit to ensure we keep supporting our customers’ needs.
Simon Bor, Inflectra's CTO, who leads the company's security efforts, said:
"I hope our successful completion of our first SOC2 audit will give our customers confidence and assurance about how seriously we take protecting the sensitive data they entrust to us. This audit is an important milestone among the many steps we have taken over many years and will continue to take to harden our security."
About SOC2
SOC2 is a voluntary compliance standard for service organizations, developed by the American Institute of CPAs (AICPA), which specifies how organizations should manage customer data. The standard is based on the following Trust Services Criteria: security, availability, processing integrity, confidentiality, privacy. A SOC2 report is tailored to the unique needs of each organization. Depending on its specific business practices, each organization can design controls that follow one or more principles of trust. These internal reports provide organizations and their regulators, business partners, and suppliers, with important information about how the organization manages its data.
Scope of the SOC2 Certification
Inflectra creates lifecycle management and testing tools for software businesses. Its mission is to help organizations of any size deliver quality software, faster and with lower risk. Inflectra provides both SaaS and on premise offerings. Inflectra's products in scope are all editions of Spira (an enterprise grade software, requirements, risk, quality, and agile management solution) - SpiraTest, SpiraTeam and SpiraPlan, TaraVault (a git and SVN hosting solution addon to Spira), and KronoDesk (a workflow oriented customer helpdesk and support tool). Inflectra's differentiators are its focus on baked-in best practice, easy to use features out of the box to meet complex needs, and the balanced combination of wide ranging but carefully interconnected features. The scope of this report includes the software lifecycle management and customer helpdesk platforms
About Inflectra
Inflectra offers its customers a trusted and seamless platform for creating and releasing their most important technology products on time and with the highest quality. The Inflectra suite includes capabilities for managing requirements, test cases, resources, risks and automating all aspects of the entire software development lifecycle. Inflectra recognizes that companies are facing the challenges of releasing software with greater agility and yet meeting increased compliance needs. The Inflectra platform combines world class support for agile methodologies and test automation with end-to-end traceability and auditability.
Founded in 2006 and headquartered in the United States, Inflectra now has offices in more than 10 countries, along with a global partner network that covers more than 5,000 customers worldwide. Inflectra offers a unique concurrent pricing model for all its tools, with unlimited products, projects, sprints, tests, and API calls included in a single price. A people-first culture means that customers are more than a number at Inflectra, a fact reflected in its high customer retention stats, its many brand evangelists, and its legendary customer support ratings. Known for this legendary customer support, all Inflectra products have a 30-day fully functional free trial, so customers can see for themselves.