SOC 2 Compliance
Continuous SOC 2 compliance since 2022.
Stomio completed its first SOC 2 examination in 2022 and has continued operating under formal security controls ever since.
Compliance Timeline
A continuous program, not a one-time badge.
These milestones show how Stomio's SOC 2 program progressed from the initial examination to ongoing compliance embedded in the platform's operations.
2022
SOC 2 Type I completed
Stomio completed its first SOC 2 examination and established the control framework that still governs the platform.
2023
SOC 2 Type II completed
Stomio validated that its security controls were operating effectively to protect customer data in practice.
2024
SOC 2 compliance maintained
Stomio continued operating under the same formal SOC 2 security controls with no compliance gap.
2025
SOC 2 compliance maintained
The SOC 2 program remained part of day-to-day operations, with controls continuing to govern how the platform is run.
2026
SOC 2 compliance maintained
Stomio continues to maintain its SOC 2 compliance program and can provide report access upon request.
What This Means
SOC 2 is part of how Stomio operates.
The SOC 2 program is tied to Stomio's operating controls, security reviews, and infrastructure practices. It is not presented as a single historical event disconnected from current operations.
- Continuous SOC 2 compliance maintained since 2022
- Independent examinations completed across both Type I and Type II milestones
- Formal security controls integrated into day-to-day platform operations
- Periodic penetration testing and ongoing security reviews