Directly from our Security and Compliance Team
Ordway SOC 1 Type 2 and SOC 2 Type 2 Reports
Ordway obtains both SOC 1 Type 2 and SOC 2 Type 2 independent assurance reports annually from an external auditor. A copy of these reports can be provided upon request to Ordway customers and business partners. Submit the form below to obtain a copy of the latest versions.
Please share your contact details and reason for the request.
About Ordway’s SOC 1 Type 2 Report
As Ordway’s products touch billing, revenue recognition, payment processing, or other workflows that can affect a customer’s financial statements, we obtain a SOC 1 Type 2 report annually. The SOC 1 Type 2 is an independent assurance report, performed under the AICPA’s SSAE standards, that evaluates controls relevant to customers’ financial reporting. Type 2 reports test not only whether the controls are suitably designed but also whether they operate effectively over a defined period (typically several months).
About Ordway’s SOC 2 Type 2 Report
As Ordway’s applications house sensitive data and support critical business operations for our customers, we obtain a SOC 2 Type 2 report once per year. A SOC 2 Type 2 report is an independent assurance report, performed under the AICPA’s SSAE standards, that evaluates a service organization’s controls against the Trust Services Criteria—typically Security (and often Availability, Confidentiality, Processing Integrity, and Privacy). The Type 2 report tests both the design of controls and their operating effectiveness over a defined period, providing credible, third-party evidence that the company consistently protects data and runs its service securely.
