SOC 2 Type II

Files.com undergoes an annual SOC 2 Type II audit. The audit is conducted by an independent third-party auditor and confirms that Files.com has implemented security controls and follows them consistently.

What Is SOC 2 Type II?

SOC 2 (System and Organization Controls 2) is an auditing standard developed by the American Institute of Certified Public Accountants (AICPA). It evaluates how cloud service providers like Files.com handle customer data across five Trust Services Criteria:

1. Security: protection against unauthorized access, both physical and logical
2. Availability: system availability and uptime, relative to business commitments
3. Processing Integrity: accuracy and reliability of system processing
4. Confidentiality: protection of sensitive or restricted data
5. Privacy: collection, use, retention, and disposal of personal information

There are two types of SOC 2 reports. A Type I report validates that appropriate controls exist at a single point in time. A Type II report evaluates the operating effectiveness of those controls over time, typically a 3 to 12-month period.

SOC 2 Type II is the more rigorous of the two. It tells customers that security controls are in place and are consistently followed and monitored.

Files.com SOC 2 Audit History

Our most recent SOC 2 Type II audit was conducted by Kirkpatrick Price, an audit firm specializing in cloud and SaaS platforms.

• Audit Period: April 1, 2024 – March 31, 2025
• Final Report Issued: May 30, 2025
• Next Audit Period Start Date: April 1, 2025
• Next Anticipated Final Report: May 30, 2026

Files.com has completed multiple SOC 2 Type II audits with Kirkpatrick Price in previous years.

Accessing the Report

Files.com provides copies of our SOC 2 Type II report, or a Bridge Letter (for gaps between audit periods), to customers and qualified prospects under NDA.

To request the latest SOC 2 report, contact your Account Executive or Account Manager, or reach out to our support team.