URGENT MESSAGE: Log4j Zero-Day Vulnerability Response| Learn more
Why CIS Solutions Join CIS Resources
CIS WorkBench Sign-in CIS WorkBench Sign In CIS Hardened Images CIS Hardened Images Support CIS Support


Who We Are

CIS is an independent, nonprofit organization with a mission to create confidence in the connected world

About Us Leadership Principles Testimonials


secure your organization
Secure Your Organization

secure specific platforms
Secure Specific Platforms

cis securesuite CIS SecureSuite® Learn More      Apply Now  
u s state local tribal and territorial governments
U.S. State, Local, Tribal & Territorial Governments

View All Products & Services  

Join CIS

Get Involved

Join CIS as a member, partner, or volunteer - or explore our career opportunities

CIS SecureSuite® Membership Multi-State ISAC (MS-ISAC®) Elections Infrastructure ISAC (EI-ISAC®) CIS CyberMarket® Vendors CIS Communities Careers




filter by topic
Filter by Topic

View All Resources  
CIS Logo Show Search Expand Menu

Center for Internet Security Completes SOC2 Compliance Audit

Framework will further secure customer and user data

 EAST GREENBUSH, NY, Jan. 11, 2022 – The Center for Internet Security, Inc. (CIS®) announces the successful completion of the System and Organization Controls (SOC) 2 Type II Audit for the CIS SecureSuite and MS- and EI-ISAC membership services.

SOC 2 is a reporting framework that sets benchmarks for managing customer and user data, which was created by the American Institute of Certified Public Accountants (AICPA). The framework is based on the Trust Services Criteria – privacy, confidentiality, security, availability, and processing integrity. SOC 2 Type II compliance ensures existing and potential members that CIS has the proper security, privacy, and compliance controls in place to manage its products and services.

Undergoing the attestation process is not easy, but it was made possible by the CIS team’s focus and diligence in completing the audit process successfully. We can assure our customers that CIS products and services align with security and privacy standards in the industry.

CIS’s SOC 2 compliance ensures our members’ data and associated information is protected according to defined compliance requirements. CIS continues to improve upon the security and privacy of our members and plans to move forward with other certifications in the future.

About CIS

The Center for Internet Security, Inc. (CIS®) makes the connected world a safer place for people, businesses, and governments through our core competencies of collaboration and innovation. We are a community-driven nonprofit, responsible for the CIS Critical Security Controls® and CIS Benchmarks, globally recognized best practices for securing IT systems and data. We lead a global community of IT professionals to continuously refine these standards to proactively safeguard against emerging threats. Our CIS Hardened Images® provide secure, on-demand, scalable computing environments in the cloud. CIS is home to the Multi-State Information Sharing and Analysis Center® (MS-ISAC®), the trusted resource for cyber threat prevention, protection, response, and recovery for U.S. State, Local, Tribal, and Territorial (SLTT) government entities, and the Elections Infrastructure Information Sharing and Analysis Center® (EI-ISAC®), which supports the cybersecurity needs of U.S. elections offices. To learn more, visit CISecurity.org or follow us on Twitter: @CISecurity.



Stephanie Gass

[email protected]