dotCMS proudly announced today that it has successfully completed the SOC 2 Type II examination for the fourth consecutive year.
The independent report, conducted by Prescient Security, confirms that dotCMS has effectively maintained controls over the security, availability, and confidentiality across the organization and of its dotCMS Cloud Platform. Importantly, the report was issued with no exceptions, meaning dotCMS went a full year without any security incidents or policy violations. This achievement highlights the company’s ongoing commitment to ensuring the highest standards of trust and reliability across the organization and for its cloud platform.
A SOC 2 report is an in-depth audit of a service organization’s internal controls related to the services it provides, specifically addressing key areas such as security, availability, processing integrity, confidentiality, and privacy. It delivers critical insights that enable customers and prospects to evaluate the organization's risk management posture and determine how effectively it mitigates the risks associated with outsourcing key services. By verifying the effectiveness of these controls, the SOC 2 report helps organizations build trust and make informed decisions about vendor reliability and data protection measures.
Receiving the SOC2 TYPE II certification, alongside their existing ISO 27001 and TX-RAMP certifications, reinforces that dotCMS is committed to protecting its client's critical data and complying with applicable laws and regulations.
“Earning SOC 2 Type II compliance for the fourth year straight—with zero exceptions—speaks volumes about our strong commitment to security and operational excellence,” says Mehdi Karimi, Ph.D., Director of Cybersecurity at dotCMS. “This achievement is a powerful testament to how rigorously we take the responsibility to safeguard our customers' data. We don’t just meet standards—we set them, and that’s how we continue to reinforce the trust of our customers.”