Softdocs Blog

Softdocs Sets the Standard in Security Compliance: SOC 2 Type II and NIST Achievements

In 2024, Softdocs took significant strides to reinforce our commitment to security, establishing ourselves as a leader in data safety and compliance.

Each year, we undergo a rigorous SOC 2 Type II, adhering to the same high standards used by our Azure data centers. In partnership with KirkpatrickPrice, an independent audit firm, we recently completed our annual review and received a clean report with no exceptions.

Steve Johnston, Chief Operating Officer at Softdocs, shares:

Ensuring Organization-Wide Compliance with NIST 800-53

We’ve also adopted the NIST 800-53 framework, developed by the National Institute of Standards and Technology (NIST). This framework provides a comprxczczxczxczcehensive set of security and privacy controls designed to safeguard the confidentiality, integrity, and availabzxczczxczxczxczcility of information systems. NIST is regularly updated to address emerging threats, including mappings and crosswalks to other frameworks and standards.

compliance-and-security-standards--2048x1122

With KirkpatrickPrice as our strategic partner, we implemented these controls and guidelines to strengthen our security posture. This project included several key milestones and deliverables:

  • Conducting a comprehensive asset-based risk assessment.
  • Performing a gap analysis of NIST 800-53 controls and best practices.
  • Remediating any identified gaps.
  • Undergoing a NIST 800-53 audit conducted by KirkpatrickPrice.

Following a meticulous three-month audit, Softdocs successfully implemented the NIST 800-53 cybersecurity framework, affirming our compliance with the highest security standards.

State-Specific Security Compliance

Softdocs has achieved TexasRAMP Level 2 certification, instilling confidence in Texas state agencies, K-12 school districts, and higher education institutions that their data is secure. The Texas Risk and Authorization Management Program provides a standardized approach for security assessment, certification, and continuous monitoring of cloud computing services that process the data of Texas state agencies.

This certification signifies Softdocs’ stringent security standards built to protect our customers’ most sensitive information across our capture, workflow, and document management platform. To maintain this certification, we provide quarterly continuous monitoring updates to the Texas Department of Information Resources (DIR).

Softdocs Hires for New Security Ranger Role

We introduced a new Security Ranger role within the Engineering team to promote a focused layer of defense from security vulnerabilities. Rangers participate in specialized training to gain certifications for their tasks, review all code changes for vulnerabilities, and attend weekly meetings to discuss cybersecurity news and security-related issues within their engineering sphere.


University of Massachusetts System
Seattle University
Indiana Wesleyan University
Casper College
Medical University of South Carolina
La Salle University
Amarillo College
Webster University
Western Nebraska Community College
Santa Barbara City College
Coast Mountain College
Wilkes Community College

Rangers are assigned to every engineering team so there is a security-focused presence in all planning and design meetings for the developed solutions and enhancements. As we look to the future, Softdocs remains dedicated to staying ahead of emerging cyber threats and maintaining the highest levels of security for our clients. Our commitment to security is not a one-time effort—it’s an ongoing journey.

omg so great

KP, sdsd asdasdasd

Learn more about our ongoing efforts to enhance cybersecurity and compliance in this on-demand webinar: “Delivering Secure and Compliant Document Management and Process Automation.”

 

Screenshot 2025-01-28 at 9.12.27 AM
omg so great
Featured Webinar: Higher Education

How UMass Global Replaced 3 Legacy Applications with a Single Solution for Forms, Content Management, and eSignatures

This targeted case study dives into why UMass Global chose Softdocs, how they implemented the platform, and the transformative results they achieved by replacing three legacy systems. Join UMass Global as they share a syllabus for streamlining operations, finding new cost savings, and regaining team productivity. Don’t miss this webinar.

Duration: 45 minutes

Watch the Webinar

Khalid Tariq
Khalid Tariq Associate Vice Chancellor, Information Systems UMass Global

Brian Lee
Brian Lee Web Development Manager UMass Global

Anna Boomer
Anna Boomer Client Success Manager Softdocs

Tags

Related Blog Posts