Symplicity is ISO 27001 certified. ISO 27001 establishes the requirements and procedures for creating an information security management system (ISMS). Having an ISMS is an important audit and compliance activity.
Symplicity is SSAE 18 SOC 2 Type II certified. SOC 2, Service and Organization Controls 2, investigates how a company commits to and implements internal data availability, security, processing integrity, confidentiality, and privacy controls. A SOC 2 audit provides an organization's customers and stakeholders with assurance about the adequacy and effectiveness of its data controls, based on their compliance with the trust services criteria. Third-party validation of data controls is essential for any organization involved in services that require data sharing.
The NIST 800-53 is a cybersecurity standard and compliance framework developed by the National Institute of Standards in Technology. It’s a continuously updated framework that tries to flexibly define standards, controls, and assessments based on risk, cost-effectiveness, and capabilities. Symplicity is currently in the process of gaining TX-RAMP compliance.