Carta completes SOC 2 Type 2 audit

December 23, 2019
Div Shivesh

Carta is proud to announce that we recently completed our SOC 2 Type 2 audit. We’ve invested in security to protect our customers’ data, achieving SOC 1 Type 2, ISO 27001, and now SOC 2 Type 2 security ratings. 

What is a SOC 2 Type 2 report?

A Service Organization Control (SOC) Type 2 has determined that Carta’s systems and controls meet stringent security, availability, processing integrity, confidentiality, and privacy requirements set by the American Institute of CPAs (AICPA). While a Type I report details the procedures and controls an organization has in place, a Type II report audits those procedures and controls over a period of 6 months. 

We keep your data secure by: 

  • Continuously testing our security by conducting vulnerability tests

  • Always monitoring for security threats of all kinds

  • Monitoring and restricting access to customer data

  • Encrypting all traffic and data that comes through Carta’s platform 

  • Auditing user access into our platform

Data security on Carta

Carta will complete a SOC 2 Type 2 audit annually. If you have any questions about Carta’s SOC 2 compliance, reach out to us via email. You can also access the SOC 2 Type II report in the Carta app. 

DISCLOSURE: This communication is on behalf of eShares Inc., d/b/a Carta, Inc. (“Carta”). This communication is not to be construed as legal, financial or tax advice and is for informational purposes only. This communication is not intended as a recommendation, offer or solicitation for the purchase or sale of any security. Carta does not assume any liability for reliance on the information provided herein.