Info about Workiva's SOC report periods and release dates
UPDATED 11/02/2023
It's everybody's favorite time of year—SOC report season!
All kidding aside, we know our annual compliance reports are important to you, and we work hard to get them to you in a timely manner. We tend to get a few questions on our compliance process, so we wanted to share with you some information on our control periods and anticipated release dates.
Workiva completes Service Organization Controls (SOC) 1 and 2 Type II reports annually. The SOC reports are performed by an independent third party and establishes that Workiva employs uniform and reliable operational controls and safeguards as a host and processor of data belonging to their customers. Workiva does not disclose the results of internal audits.
SOC reports
- Workiva SOC 1 Type II report has a control period that covers October 16 through October 15. This will be issued no later than the end of December.
- Workiva SOC 2 Type II report, which includes HIPAA, has a control period that covers October 16 through October 15. This will be issued no later than the end of December.
- Workiva will also be issuing an additional SOC 1 with a reporting date of January 1 through December 31. This will be issued no later than the end of February.
- Workiva will also be issuing an additional SOC 1 with a reporting date of April 1 through March 31. This will be issued no later than the end of May.
It usually takes 6-8 weeks from the end of the report period to receive the final SOC Reports. Once available, we will post them to the Security and Compliance Document Request Portal. Additionally, a Bridge Letter through the end of the quarter will be available within the first week of the new quarter.
TL;DR - our usual SOC reports will be made available on the Compliance portal by the end of December, March, and May each year.
Additional info
Workiva is also ISO/IEC 27001:2013 certified and is FedRAMP authorized (see here). Here is our published privacy policy with a Truste Certification: https://www.workiva.com/legal/privacy-policy
Workiva partners with Google® and Amazon®, both of which are SOC 2, ISO 27001, 27017, and 27018 compliant.
If you have any questions, just let us know. Thanks, and have great day!
Amazon Web Services is a trademark of Amazon.com, Inc. or its affiliates in the United States and/or other countries.
Google Cloud is a registered trademark of Google Inc.
-
正式なコメント
Great news! The SOC 1 Type II and SOC 2 Type II reports are now available on the compliance portal. The bridge letter is expected to made available on December 31, 2021. We'll update you as well then the new SOC report is available in May. Thanks again and happy holidays!
サインインしてコメントを残してください。
コメント
1件のコメント