POWER FACTORS RECEIVES SOC 1 TYPE II AND SOC 2 TYPE II ATTESTATION REPORTS FOR 2023
These reports demonstrate that our internal controls have been assessed by an independent audit firm and that we are compliant with industry standards for safely and securely handling our customers’ data.
Stay in touch
Subscribe to our newsletter for expert insights, company updates, and the latest in renewable energy management solutions.
Power Factors is deeply committed to the security of our customers’ data. That’s why we are proud to announce that we’ve received our SOC 1 Type II and SOC 2 Type II attestation reports for 2023. These reports demonstrate that our internal controls have been assessed by an independent audit firm and that we are compliant with industry standards for safely and securely handling our customers’ data.
Charlie Driscoll, Power Factors’ Head of Information Security said, “We’ve continued to build upon and improve our security controls from previous years to strengthen our information security program at Power Factors. These new audit reports are a reflection of that work. Furthermore, we’ve continued to expand the scope of the audit, such as including our BluePoint product into the SOC 2 scope.”
WHAT IS A SOC REPORT?
SOC stands for Service and Organization Controls. SOC audits measure how a service organization handles customers’ data using a set of standards outlined by the American Institute of Certified Public Accountants (AICPA). SOC reports are the result of rigorous independent audits and are a key indicator that a service organization has the necessary controls in place around data security.
WHAT IS THE DIFFERENCE BETWEEN SOC 1 AND SOC 2 AND TYPE I AND TYPE II REPORTS?
A SOC 1 report deals with financial controls while a SOC 2 report focuses on security controls. Each report can be issued as a Type I or Type II report. A Type I report simply demonstrates that an organization’s internal controls are properly designed. A Type II report takes it a step further, demonstrating that an organization’s controls operate effectively over a period of time (usually 6-12 months). For this reason, Power Factors has chosen to pursue Type II reports to ensure our controls are always operating effectively.
WHY DOES POWER FACTORS PURSUE A SOC 1 REPORT?
As noted above, a SOC 1 report provides detailed information and assurances that customers’ financial information is being handled properly. The Power Factors Drive and BluePoint platforms are used to collect revenue-grade meter data and provide invoicing. Therefore, it is imperative that the Power Factors platforms properly handle data that is used for billing.
WHY DOES POWER FACTORS PURSUE A SOC 2 REPORT?
A SOC 2 report covers the effectiveness of an organization’s cloud and IT security controls. Our customers rely on Power Factors’ products to help them drive critical business outcomes using data from their clean energy assets. As a maker of cloud-based SaaS platforms, we hold ourselves to the highest standards when it comes to keeping our customers’ data secure while still being accessible to those with the required permissions.
HOW CAN I ACCESS THE REPORTS?
Yearly SOC 1 and SOC 2 Type II audits are one of the ways we show our commitment to ensuring our customers’ data remains confidential and secure. If you’re a current or prospective Power Factors customer and wish to view the reports, you can request a copy from your customer success manager or sales representative.
Not yet a customer and interested in learning more about our asset management solutions? Connect with us today.