Document Requests
This page lists the compliance, audit, and business documents Files.com provides on request, along with how to obtain each. It also covers the documents we do not provide and the reasons why.
Documents Available on Request
The following documents are available to customers and qualified prospects. Some require a signed Non-Disclosure Agreement (NDA) before release.
| Document | What it is | NDA required | How to request |
|---|---|---|---|
| SOC 2 Type II report | Full audit report covering the Security, Availability, and Confidentiality Trust Services Criteria, performed annually by Kirkpatrick Price. | Yes | Contact your Account Executive or Customer Support. |
| SOC 2 Bridge Letter | Letter covering the gap between the most recent SOC 2 audit period and the current date. | Yes | Contact your Account Executive or Customer Support. |
| Completed CAIQ v4 | Files.com's responses to the Cloud Security Alliance Consensus Assessments Initiative Questionnaire. | No | Contact Customer Support. See the CAIQ page. |
| PCI AOC (Attestation of Compliance) | Most recent PCI DSS Level 2 AOC. | No | Contact your Account Executive or Account Manager. See the PCI page. |
| Penetration Test Completion Letters | Formal confirmation that third-party penetration testing was performed. | No | Download from the documentation portal. See the Penetration Testing page. |
| Financial Audit Completion Letter | Letter from Grant Thornton LLP attesting to completion of our annual financial audit. | No | Contact your Account Executive or Customer Support. |
| VPAT (Voluntary Product Accessibility Template) | Conformance statement aligned to WCAG accessibility guidance. | No | Contact your Account Executive or Customer Support. |
| Data Processing Agreement (DPA) | Pre-written, pre-approved DPA covering GDPR-compliant processing terms, including Standard Contractual Clauses (SCCs) for cross-border transfers. | No | Contact your Account Executive or Customer Support. See the GDPR page. |
| Business Associate Agreement (BAA) | Pre-written, pre-approved BAA for HIPAA. Available only on Enterprise plans. | No | Contact your Account Executive or Customer Support. See the HIPAA page. |
| DORA Addendum | Contractual addendum supporting EU Digital Operational Resilience Act obligations. Available to qualified customers. | No | Contact your Account Executive or Customer Support. See the DORA page. |
| W-9 Form | Files.com (Action Verb LLC) IRS Form W-9 for tax and vendor onboarding. | No | Download W-9 (PDF). |
Documents We Do Not Provide
The following documents are sometimes requested in security reviews but Files.com does not release.
- Certificates of Insurance (COI). Files.com maintains industry-standard insurance coverage. We do not issue COIs to customers.
- Internal security policies, procedures, standards, and guidelines. Files.com maintains an extensive internal documentation library. These artifacts are proprietary and not shared externally. Their existence and operation are reviewed as part of our SOC 2 Type II audit, which is available under NDA.
- AWS audit reports. Files.com reviews AWS's SOC 2 report annually as part of our vendor management program, but AWS NDA terms prevent us from sharing it directly. AWS publishes its compliance documentation through AWS Artifact.
- Product roadmap. Detailed product plans are shared only with members of the Files.com Customer Advisory Board under NDA.
- Live customer references. Not provided as a standard practice. For prospective engagements with annual contract value above $100,000, references may be arranged on a case-by-case basis. For other prospects, see verified customer reviews on G2 and Gartner Peer Insights.
Frameworks Not Listed Here
If your organization requires a document for a compliance framework not listed on this page, contact your Account Executive or Customer Support. We will assess whether the request can be supported through existing documentation or a custom response.
Get The File Orchestration Platform Today
4,000+ organizations trust Files.com for mission-critical file operations. Start your free trial now and build your first flow in 60 seconds.
No credit card required • 7-day free trial • Setup in minutes