What does SOC 2 Type I compliant mean?

Purpose

Experlogix Digital Commerce is SOC 2 Type I compliant, validating our commitment to strong security controls.

To provide a high-level description of what is examined as part of a SOC 2 Type I examination.

More information

A SOC 2 Type I examination answers whether a company’s security controls are designed properly as of a specific date. The examination or audit is carried out by an independent auditor. The independent auditor verifies that these security controls exist and are appropriately designed. The independent auditor examines policies, procedures, and controls against the American Institute of Certified Public Accountants (AICPA) Trust Services Criteria for Security. These have been selected as key criteria to protect systems and data against unauthorized access. Policies, procedures, and controls examined typically include (but may not be limited to) the following areas:

• Access control (least privilege)

• MFA and authentication

• Network security and firewalls

• Logging and monitoring

• Incident response

• Vulnerability management

Experlogix Digital Commerce has successfully completed a SOC 2 Type I examination, demonstrating that our security controls were suitably designed to meet the American Institute of Certified Public Accountants (AICPA) Trust Services Criteria for Security as of 31st December 2025.

Key points

• A SOC 2 Type I examination answers whether a company’s security controls are designed properly as of a specific date.

• Experlogix Digital Commerce has successfully completed a SOC 2 Type I examination, demonstrating that our security controls were suitably designed to meet the American Institute of Certified Public Accountants (AICPA) Trust Services Criteria for Security as of 31st December 2025.