It’s Official: Monit is SOC 2 Compliant!

We’re excited to announce that Monit is SOC 2 Type I compliant! Committed to building trust with our partners, end-users, and the marketplace, we’re able to assure our customers of the highest standards of information security and protection.

Monit is a digital intelligence tool that empowers small-to-medium-sized businesses to manage cash flows and receive personalized, actionable financial advice all in one place, as an intelligence layer integrated with their existing accounting software. Monit is provided to business owners by their bank or credit union. With data and insights at the heart of the application, assuring that data is secured is paramount and our top priority. Our SOC 2 audit was a crucial step in the promise of building a more secure ecosystem.

What is a SOC 2?

  1. Security
  2. Availability
  3. Processing integrity
  4. Confidentiality
  5. Privacy

Our Type I report addressed that all information stored on the application is secured due to the design and structure of the proper controls, policies, and procedures.

The Preparation Process

After completing all policies and implementing the associated controls, Monit went through a SOC 2 readiness assessment to test the following requirements needed for audit:

  1. Policies: Principles and rules are established and properly adopted
  2. Evidence: Controls can be demonstrated to prove the effectiveness
  3. Procedures: Methods are deployed to express how controls are expressed day-to-day
  4. Tools: Programs selected are defined in the policies and procedures, and provide supporting evidence

The Audit Process

The process began with an initial kickoff meeting, during which we shared documentation, evidence, additional reports from the Laika platform. After the kickoff, the audit itself was fast and streamlined, and Monit acquired the report after roughly three weeks.

What We Learned

  1. Security and compliance isn’t just a checkbox

With data privacy dominating headlines regularly, consumers expect strong security protocols. And, maintaining that high level of security isn’t a one and done affair. It takes ongoing work to maintain controls, cultivate compliance culture, and prepare for a SOC 2 re-audit.

2. Having a platform is better than a piece of paper

While going through the decision-making process, Monit evaluated various options including audit only options. The centralized Laika system housing documents, processes, control evidence, and vendor management all in one place proved to be the deciding factor. It is useful not only for audit preparation but also as we grow and onboard new people. Walking them through our security standards in one place is extremely efficient.

3. Working with experienced partners ensures success

Having a security-first mentality is step one. Finding and working with partners who can navigate the landscape and ensure the successful implementation of our security goals made all the difference. We acknowledge all of our partners and vendors who helped make our goals a reality and appreciate their considerable efforts.

What’s Next

Monit will continue to pursue certifications that demonstrate our commitment to the highest security standards in the industry. As such, we are preparing for our SOC 2 Type II preparation and audit in 2021.