2 Minute Read
March 27, 2019
You may recall in Q1 of 2019, I blogged about Viewpoint acquiring SOC 2 Type I certification on several of our products available in the cloud. The security momentum keeps building at Viewpoint, and to illustrate my point, I am ecstatic to announce Viewpoint has acquired SOC 1, Type II certification for our Spectrum and Vista ERP solutions. Even more exciting was earning SOC 2, Type II certification for all products under the Viewpoint One portfolio, including Viewpoint for Projects.
In October 2019, Spectrum and Vista earned SOC 1 Type II certification, which is great news for our publicly traded customers as this accreditation will assist with your financial regulatory compliance. In addition, Viewpoint earned SOC 2, Type II (Security Principle) certifications for six products in our cloud portfolio as reported by our independent auditor. This was a significant investment and required an immense collaborative effort. The newly acquired SOC certifications demonstrates Viewpoint’s continued commitment to establish and maintain industry standard security controls to help protect the data of our global client base. The SOC certification signifies our cloud systems and associated control processes satisfy the SOC security control standards as denoted in the AICPA Trust Services Criteria for Security.
Security is a priority at Viewpoint and obtaining our SOC 1, Type II and SOC 2, Type 2 certifications reinforces our security commitment, proving that we have controls and the associated procedures, designed to provide a secure cloud platform. We realize that protecting data is important to our customers when selecting a cloud solution partner and we are proud to provide this additional assurance to our customers!
The seven products included in the SOC 2 certification are: Vista, Spectrum, Viewpoint Team, Viewpoint Field View, Viewpoint for Projects, and Jobpac Connect. For SOC 1, Vista and Spectrum were in scope.
The process to achieve AICPA certification was challenging and time consuming but worth the effort. In advance of the audit, we worked diligently to prepare, and we underwent examination in September of 2019. Our auditor thoroughly reviewed our controls, procedures, and product documentation around our security practices and examined the security controls in our products and cloud platforms. The audit culminated in a report providing confirmation that Viewpoint’s security controls meet the applicable security TSP for SOC2, Type II and SOC 1, Type II.
We will continue to invest in security and aim to be a predictable and reliable cloud partner our customers can count on. We will continue on our SOC certification journey and will evaluate other AICPA Trust Services Principles to include in future audits. This will complement our ISO27001:2013certification, which covers the development of our Viewpoint for Projects product in the UK and our TrustE Privacy Shield certification.
We are the security leader in the construction software industry, leveraging common well known frameworks to facilitate a risk-based approach to security, adopting industry best practices for controls, and creating applications leveraging a secure software development lifecycle (SSDLC). Later this quarter we’ll be adding a security and compliance page on our website www.viewpoint.com allowing you to stay abreast of the latest security advancements at Viewpoint. We will also be posting our SOC 3 reports on the website for public consumption.
If you are a customer or prospective customer you may contact our Legal department to obtain a copy of our SOC examination reports under NDA, or confidentiality terms in your existing contract as the SOC 1, Type II and SOC 2 Type II reports are confidential information. Please send all inquiries for SOC reports to [email protected]