Nuventive, a leader in data-informed improvement software for higher education, announced that it has achieved System and Organization Controls (SOC 2) Type II compliance, widely regarded as the gold standard for data security.
“Achieving SOC 2 Type II compliance demonstrates the effort to which Nuventive is willing to go to protect our clients’ sensitive data,” said Gary Choban, Nuventive’s senior vice president, chief product officer and security officer. “We believe we are the only vendor in our market that has accomplished this level of compliance.”
“We believe Nuventive is the only vendor in our market that has accomplished this level of compliance.” Gary Choban
Long-time Nuventive partner Microsoft underscores the importance and market significance of this certification. “Accomplishing SOC 2 Type II compliance is no small feat. It’s a testament to the maturity of Nuventive’s solution and management’s commitment to serve higher education by providing a secure choice for their investments in data-informed improvement,” said Rob Curtin, director of higher education for Microsoft’s WW Education Industry.
Also Read: Aavenir Partners with CloudGo to Expand AI-enabled Source-to-Pay Solutions
The certification follows an independent examination, conducted by leading cybersecurity assessment firm A‑LIGN, which validated that Nuventive’s security practices and controls meet the Trust Services Principles and Criteria for security, availability, and privacy.
Established by the American Institute of Certified Public Accountants (AICPA), the SOC 2 examination is designed for organizations of any size, regardless of industry and scope, by ensuring the personal assets of their potential and existing customers are protected. SOC 2 reports are recognized globally and affirm that a company’s infrastructure, software, people, data, policies, procedures, and operations have been formally reviewed.
“A SOC 2 audit is a statement about an organization’s commitment to protecting their information.” said Stephanie Oyler-Rankin, SOC Practice Lead at A-LIGN. “As a trusted third-party assessment firm, A-LIGN independently evaluates client data processes and procedures, governance on internal controls and security posture. Nuventive’s SOC 2 report validates its commitment to data security and protection, as well as compliance with critical standards to mitigate cybersecurity threats.”
Guiding Nuventive through the process was Cybersecurity and Data Privacy consultancy Zaviant. According to Will Sweeney, Zaviant’s Managing Partner, “The Nuventive team was driven from the top down by a goal of protecting its customers. They were extremely proactive in resourcing this labor-intensive process, and their diligence resulted in a clean audit opinion.”