A Milestone in Our Security Journey
Warrington, UK – July 2025
We’re proud to announce that Certero has successfully completed SOC 2 Type 1 attestation, marking a key moment in our ongoing commitment to providing secure and reliable solutions for enterprise IT.
Led by our Information Security Manager, Andrew Gregory, this rigorous, independent audit assessed Certero’s internal controls against the AICPA’s Trust Services Criteria, specifically evaluating Security, Availability, and Confidentiality.
“This isn’t just about passing an audit,” said Andrew. “It’s about proving – independently – that our security controls are designed and operating effectively. It’s about showing our customers that their data is safe with Certero.”
This attestation builds on Certero’s existing certifications, including Cyber Essentials Plus and ISO/IEC 27001:2022, further demonstrating our proactive approach to data protection and operational resilience.
What Is SOC 2 Type 1?
SOC 2, developed by the AICPA, is a trusted standard for evaluating a company’s ability to securely manage data.
Type 1 assesses the design of security controls at a specific point in time, offering assurance that the right foundations are in place.
While Type 2 will be our next target, this first milestone validates that we’re doing things the right way. Right now.
Why It Matters
- Independent validation of Certero’s security and availability controls
- Demonstrates compliance with global standards
- Builds customer confidence in how we manage and protect data
- Sets the stage for further growth in regulated markets
We believe that security isn’t an add-on. It’s part of the product. This achievement reflects our philosophy of secure-by-design, giving IT leaders and their organizations the confidence to trust Certero with what matters most.
Andy Gregory – Information Security Manager
Certero’s Information Security Manager, leading the company’s global security program. With hands-on responsibility for protecting systems, data, and operations, Andrew brings real-world experience to the challenges he writes about. From managing compliance initiatives like ISO 27001 and SOC 2 to navigating the evolving threat landscape, his insights come from actively building and maintaining Certero’s security posture..
