How GitLab successfully expanded our SOC 2 Type II Trust Services Report Criteria

Blog post from GitLab

Post Details
Author: Julia Lake and Liz Coleman
Word Count: 390
Company Posts That Month: 18
Language: English
Summary

SOC reports serve as crucial attestations from independent third parties to confirm that organizations comply with the American Institute of Certified Public Accountants' specific technical and operational standards. GitLab initially secured SOC 2 Type 2 and SOC 3 reports in 2020, focusing on Security criteria for its SaaS platform, and expanded these reports in 2021 to include Confidentiality Trust Services Criteria (TSC). The expansion process involved a phased approach: conducting a gap analysis, upgrading the GitLab Control Framework, testing internal controls, and ensuring readiness with an independent auditor. This meticulous preparation led to a seamless audit with no formal exceptions, underscoring GitLab's commitment to expanding its security certification portfolio for customer assurance and transparency. The SOC 3 report is publicly accessible through GitLab's Customer Assurance Package, and GitLab encourages feedback on desired certifications via email.
