For the second year in a row, Controlant has passed an extensive Service Organization Control Type 2 (SOC 2) audit, reflecting our continuing prioritization of data security. The audit covers information security, particularly how we manage customer data in a secure manner. The audit, conducted by KPMG, produced an assertation report verifying the effectiveness of Controlant’s quality and information security procedures.
Keep up with developments in pharma supply chain visibility. Sign up for Controlant Insights and receive our latest white paper.
We understand that when a company decides to outsource parts of data operations, information and data security is an essential consideration in finding the right partner.
With third-party validation of our data controls, pharmaceutical companies and logistics providers have greater assurance that their data on global shipments of medicines and vaccines is safe in our Aurora Platform.
Service Organization Control Type 2, or SOC 2, is a framework developed by the American Institute of Certified Public Accountants (AICPA) that establishes whether vendors adhere strictly to IT security in order to protect data. The European equivalent to the SOC 2 framework is the ISAE Series 3000 audit. In passing the SOC 2 audit, Controlant has also obtained the ISAE Series 3000 certification.
The assertation report produced by the KPMG audit gives valuable insights into Controlant’s security procedures, internal controls, regulatory compliance, and quality governance. Through extensive sampling of all the work carried out over the past year, the audit asserts that procedures, quality, and information security measures are effective and follow approved procedures.
The audit delved into Controlant’s entire platform and devices, and the processes that govern our work—including security and compliance controls in place to secure our Aurora Platform, and the customer data stored there. It included testing that our management system and controls ensure the security of our platform and our customers’ data.
Conducted from September through April, the audit covers work performed during 2022. This is the second year in a row that Controlant undergoes a SOC 2 audit by a third party and obtains SOC 2 certification with no deviations noted.
By undergoing extensive review by a third party, we can continuously improve our work, including services and information security.
Arnar Gunnarsson, Vice President of Information Security and Services:
"We are excited to announce that for the second year in a row, no deviations were found during the extensive SOC 2 audit process. We are pleased to be able to offer our customers in the pharmaceutical industry as well as logistics providers, assurance that we are putting security in the first place when it comes to their data."