ISO 27001 & SOC2 Certifications

Sense Street safeguards data and systems through robust cybersecurity measures, ISO 27001 and SOC 2 certifications.

Cybersecurity is a critical aspect of our operations, it is designed to protect our clients' and our company's data, systems, and intellectual property from cyber threats. To ensure our protection is kept at high standard, we've developed a comprehensive cybersecurity strategy that includes policies, procedures, and controls designed to mitigate risks and protect against cyber-attacks.

ISO 27001 Certification

ISO 27001 is an international standard that specifies the requirements for an information security management system (ISMS) within an organisation.

To be ISO 27001 compliant, an organisation must demonstrate that it has implemented a comprehensive and systematic approach to managing information security risks.

ISO 27001 compliance provides assurance to customers and stakeholders that an organisation has implemented appropriate controls to protect their information assets. It is particularly relevant for organizations that handle sensitive information, such as financial data, personal information, and intellectual property.

To gain ISO 27001 certification, an organisation must undergo an audit by an independent certification body to assess whether its ISMS meets the requirements of the standard. If the audit is successful, the organisation is issued with an ISO 27001 certificate, which is valid for three years subject to annual surveillance audits.

The ISO 27001 standard requires organisations to follow a structured approach to information security management, which includes: Risk Assessment, Security Controls, Policies and Procedures, Management Review and Continuous Improvement.

Sense Street was originally issued ISO 27001: 2013 certificate on 22nd of December 2020 and is since then a subject of annual surveillance audits. On February 20th 2024 Sense Street Limited obtained ISO/IEC 27001: 2022 certification.

Validity of the certificate can be independently verified at all times.

SOC2 Type 2 Certification

SOC 2 (Service Organisation Control 2) is a standard for data security and privacy developed by the American Institute of Certified Public Accountants (AICPA).

It sets out criteria for evaluating the effectiveness of a service organisation's internal controls related to security, availability, processing integrity, confidentiality, and privacy.

SOC 2 compliance provides assurance to customers and other stakeholders that the service organization has appropriate controls in place to protect their data and maintain the confidentiality, integrity, and availability of its systems. It is particularly relevant for organisations that provide services such as Software-as-a-Service (SaaS), and data hosting.

Type 2 Report evaluates the design and operating effectiveness of the organisation's controls over a period of time (usually six months to one year).

To be SOC 2 compliant, a service organization must undergo a thorough audit by an independent auditor who evaluates the organization's controls against the SOC 2 Type 2 criteria. The auditor assesses whether the controls are suitably designed and operating effectively to meet the criteria.

Sense Street was originally issued SOC 2 Type 2 certificate on 4th of July 2022, and is since then a subject of annual surveillance audits.