VERMEG recertified SOC 2 Type II

VERMEG recertified SOC 2 Type II

VERMEG is proud to announce the successful obtention of the System Organisation Control SOC 2 Type II certification for the second year, following a period of extensive auditing by the renown Ernst & Young UK (EYUK). This year’s report covers a 12-month period. It is a proof for our effective controls based on the trust services criteria relating to Security, Availability, Confidentiality and Processing Integrity set forth in TSP section 100, 2017 Trust Services Criteria.


Developed by the American Institute of Certified Public Accountants (AICPA), SOC 2 Type II is the standard for security compliance by hosted service providers. Firms must demonstrate their ability to design and implement controls, policies, procedures and practices to protect the interests of their clients. This independent review and certification acknowledge that VERMEG has met the stringent requirements set forth by the AICPA. When trusting an application with highly sensitive and confidential information, obtaining this certification is essential.


Commenting on the certification, Mousser JERBI, VERMEG, COO, said, “We are extremely proud to have received the SOC 2 Type II certification which demonstrates to our clients that we are able to securely manage their data. This certification marks a significant step towards achieving our long-term goals. Managing customer data has always been a top priority and this independent validation demonstrates our commitment to the security of our customer data.

We continuously invest in our systems and controls to ensure we are able to meet the high standards expected of us as a leading SaaS provider.”


Beyond security, SOC 2 Type II compliance provides customers with an assurance of high levels of organisational maturity, from the internal processes around customer commitments to the professional development of employees. VERMEG is committed to performing further SOC 2 Type II examinations in future years, providing ongoing confidence in our ability to maintain and expand on these high standards.


In order to receive this certification, the following areas of VERMEG’s practices and policies were assessed:


  • Infrastructure: The physical and hardware components of a system Including Servers computers, internet connectivity, network enablement, firewalls and security…
  • Software: The programs and operating software of the system aimed to help data processing
  • Data: The information used and processed by the system
  • People: The staff involved in the operation, the management, security, and governance of the system
  • Policies and Procedures: The automated and manual policies and procedures involved in the operation of a system


„We strive to be the benchmark for software and digital solutions. This report serves as a testament to our unwavering dedication to always perform at the highest levels of security. By continually striving for excellence and ensuring top-tier security standards, we aim to remain at the forefront of our industry and provide our customers with exceptional solutions they can trust.“


VERMEG’s SOC 2 Type 2 report is available to existing and prospective customers on request under a non-disclosure agreement. Please contact VERMEG’s Sales Representatives for more information.