Aumni Levels Up in Security Practices, Achieves SOC2 Type II Certification

Jul 14


Nicole Davis

We are thrilled to announce that Aumni has received its SOC 2 Type II certification – Security and Availability discipline, an exceptional achievement . For those of our customers who don’t speak “cyber security,” we have been verified by an independent third-party auditor that we can be trusted to keep our customers' data safe and our systems highly available as a result of our implementation of foundational security practices and industry leading security solutions. 

Aumni CTO, Rob Wise, had this to say: "From the beginning, Aumni has been committed to rigorous data system quality. Our data comes from the most accurate sources with the most attention to detail. We're protecting that data with the same meticulous approach. Our team of information security experts has been integrating our security approach from the ground floor at Aumni, which is why we were able to achieve a SOC 2 Type II certification so early in our journey."

A bit of background on SOC 2 certifications

Developed by the American Institute of CPAs (AICPA), the standard uses five “trust service principles” – security, availability, processing integrity, confidentiality and privacy – to assess how organizations manage customer data. Issued by outside auditors, SOC 2 Type II is the most comprehensive certification within the Systems and Organization Controls protocol. Receiving this certification attests that Aumni has the infrastructure, systems, tools, and processes in place to keep the data we are entrusted with, and the systems supporting our services, confidential and highly available. 

How Aumni approaches security to reduce risk 

This achievement marks an ongoing journey to protect the confidentiality, availability, and integrity of Aumni systems and data. The Aumni security program is built to reduce risk from threats and vulnerabilities through the implementation of policies such as: 

  • Product security initiatives 
  • Policy governance 
  • Security training
  • Change Management, including SDLC methodology
  • Data protection
  • Vulnerability Management
  • Asset Management
  • Incident Response
  • Business Continuity & Disaster Recovery
  • Logging and Monitoring
  • Vendor Security Management
  • Access Control

We are committed to establish Aumni as a brand that can be trusted. Each year hereafter, we will renew our SOC 2 Type II certification, pursue other certifications, and, most importantly, establish security measures above and beyond compliance requirements. 

If you’d like a copy of our SOC 2 Type II, please contact