Current status
VerbalCheck is not currently SOC 2 certified. VerbalCheck intends to pursue SOC 2 Type I and SOC 2 Type II examinations as the institutional customer base grows and the business matures.
Readiness priorities
- Document access controls and authorization boundaries.
- Formalize data retention, deletion, and privacy procedures.
- Maintain incident response and vulnerability disclosure procedures.
- Track vendor and subprocessor oversight.
- Collect operational evidence for change management, deployment validation, and security review.
Audit sequence
SOC 2 Type I is the intended first third-party audit milestone once controls are documented and audit-ready. SOC 2 Type II is the intended follow-on milestone after controls operate over a sustained review period.