RiskBusiness attains SOC 2 accreditation to provide highest levels of Security and Service Controls to Customers of its SaaS-Based Applications

London, England, May 31, 2022 — RiskBusiness Services Limited, the leading provider of governance, risk, audit, compliance, and content SaaS (Software-as-a-Service) solutions, announced today that it has completed a Service Organization Control 2 Type 2 (SOC 2) audit, as defined by the American Institute of Certified Public Accountants (AICPA). Achieving SOC 2 compliance allows RiskBusiness to demonstrate the security and service controls it uses to protect customer data and provides those customers with comfort that the company is aligning with the highest level of security controls for its cloud-based services.

SOC 2 – introduced by the AICPA in 2009 – defines five Trust Service Principles, which may be used by software-as-a-service vendors to demonstrate the security, privacy and transaction processing controls they use to protect customer data in cloud-based offerings.

The specific Trust Services Principles that RiskBusiness is addressing cover:

  • security – related to the safe and secure storage of customer data including protections against unauthorized access.
  • availability – focuses on the availability of the service
  • processing integrity – ensuring that data processing operations are being complete, accurate, timely, and valid
  • confidentiality – sets policy on the protection of data deemed confidential
  • privacy – refers to how personal information is collected, used, retained,


Mike Finlay, CEO and Chief Product Architect, RiskBusiness, states: “In an online world where cybersecurity hacks, data leaks and personal data misuse is headline news, we feel it is essential to demonstrate our data security and privacy leadership in a practical way through the investment we have made, and will continue to make, in attaining and maintaining SOC 2 compliance. As a company that tracks and understands commercial risk threats, we are delighted to be working with the AICPA on mitigation of these key data access, processing, storage and usage risks.”

The SOC 2 compliance that RiskBusiness has implemented effective immediately across all of the company’s applications, means that customers can benefit from increased security protocols without the need to make changes to their own processes and policies. The SOC 2 accreditation supersedes RiskBusiness’ existing SOC 1 Type 2/ISAE3402 accreditation.

Download the press release here.

About RiskBusiness Services Limited

RiskBusiness is an international governance, risk, audit and compliance (GRAC) solution provider, delivering risk content, risk intelligence, risk tools and risk advisory services to its clients. It is an association of like-minded industry professionals, who have the aim of furthering the risk management discipline to enable better risk-reward decision making.

Risk management is an evolving discipline, which has developed in close partnership with the industry. RiskBusiness has, both as individuals and collectively, a depth of established relationships with leading players and regulators in the operational risk field. We are also active participants in industry working groups and contribute thought leadership through publications and education.

RiskBusiness was founded in 2003 and today has principal locations in Birmingham, London, Buenos Aries, Amsterdam, Hong Kong, New York, Singapore, Toronto, and Zurich. For more information, visit www.riskbusiness.com.


Media Contact

Jen Massing Harris
Massing PR, LLC
for RiskBusiness

Click here to download the full press release