CandorIQ Achieves SOC 2 Type II Compliance

CandorIQ Achieves SOC 2 Type II Compliance

A Milestone in Data Security and Transparency

At CandorIQ, our mission is to drive fairness and transparency in pay. It has always been a top priority to make sure that mission for transparency extends beyond our software solutions and into every aspect of our business operations. Today, we are excited to announce that we have successfully completed the SOC 2 Type II compliance audit, marking a significant milestone in that commitment to data security and transparency.

What is SOC 2 Type II Compliance?

SOC 2 Type II compliance is an audit of operational and security practices set by the American Institute of Certified Public Accountants (AICPA). Its goal is to evaluate a company’s ability to protect sensitive information from unauthorized access or disclosure. SOC 2 Type II compliance is recognized as the gold standard for US-based companies and covers important aspects of security like: availability, processing integrity, confidentiality, and privacy of data.

Our Commitment to Data Security

CandorIQ believes deeply that transparency is paramount—not only in compensation management, but also in how we handle our customers’ data. Successfully passing the SOC 2 Type II audit is a testament to our robust security measures and our continuous efforts to safeguard your data. In addition to SOC 2 Type II compliance, we implement additional measures such as:

• Aggregate & De-Identified Data CandorIQ does not use individual identifying information in our benchmarking product. Instead, we use data that’s been anonymized to protect personal information.
• Enterprise-Grade Cloud Services We use top tier cloud services AWS and Supabase for data storage, processing, and networking.
• Security by Design CandorIQ uses a security by design approach when building our software. This means that we’ve integrated security measures into our systems since the beginning of development. Keeping our systems protected against vulnerabilities from day one with best practices like SSO authentication and more.
• Enterprise Access Controls & Permissions You decide who has access to not only data, but different tools and features based on profiles, levels, and department segmentation. As your comp strategy shifts, you can update your access permissions with any necessary changes.

As we move forward, we will continue to monitor and enhance our security measures to maintain compliance and protect our customers' data. 

For those who are not yet customers, we invite you to book a demo and see firsthand how CandorIQ can transform your compensation management processes with secure and transparent solutions.