top of page

Recertified with Flying Colors: What SOC 2 Type II & ISO 27001 Certifications Mean for Users of CC1

A header image showing a photo of a laptop screen with emerging padlock as people work, symbolising data security. The caption reads: CC1 delivers independently validated gold-standard data security

As evident as this may be, data security and regulatory compliance are paramount for organizations in regulated industries.


Regulated industries face the arduous task of managing vast amounts of critically sensitive data while adhering to strict regulatory standards. They need the tools that give them the maximum benefits, efficiency, and security.


Custodia's cloud-based capture, validation, and archiving service, CC1, is an exceptionally secure platform that streamlines compliance and unlocks data-driven decision-making, backed by SOC 2 Type II and ISO 27001 certifications.


On May 13, 2024, Custodia received SOC 2 Type 2 unqualified opinion attestation from independent auditor Prescient Assurance. This was the optimum outcome of the intense external audit that confirmed Custodia's recertification for best-in-class security controls. Read the Press Release here: RegTech leader Custodia achieves pivotal SOC 2 Type II recertification - FinTech Global


Now, let's dive into what SOC 2 Type 2 and ISO 27001 certifications mean.

What Are SOC 2 Type II & ISO 27001 Certifications?

SOC 2 Type II 

SOC 2 Type II certification is based on the Trust Services Criteria created by the American Institute of Certified Public Accountants (AICPA). It focuses on controls related to a system's security, availability, processing integrity, confidentiality, and privacy.


Custodia's recertification evaluated its security controls for at least six months, focusing on meeting Trust Services Criteria. To achieve Type II, Custodia established and documented strong controls, demonstrated continuous effectiveness through testing, and passed a thorough audit by an independent certified public accountant (CPA).


This independent attestation proves Custodia's long-term commitment to consistent security and privacy practices.

ISO 27001

ISO 27001 is an internationally recognized standard for establishing, implementing, maintaining, and continually improving an information security management system (ISMS) to ensure secure data handling and protection.


Custodia achieved ISO 27001 certification by developing a robust ISMS, assessing and mitigating risks, and training all employees. It passed internal and external audits, demonstrating an ongoing commitment to information security through continuous monitoring and improvement.


Achieving ISO 27001 shows that Custodia prioritizes stringent security measures to protect processed data from unauthorized access or breaches.

Why Do These Certifications Matter to Custodia's Customers?

Enhanced Trust:

Trust is critical to organizations in regulated industries, such as finance, insurance, healthcare, and energy. Custodia’s compliance with SOC 2 Type II and ISO 27001 certifications assures stakeholders that all data is handled securely and that CC1 complies with the highest industry standards.

Risk Mitigation:

Regulatory Compliance:

Improved Data Management:

Custodia's recent SOC 2 Type 2 unqualified opinion attestation from independent auditor Prescient Assurance and ISO 27001 certification reaffirm its position as an industry leader, making CC1 the ideal choice for organizations prioritizing data security and streamlined compliance.



bottom of page