We are also proud to share that we achieved both certifications in record time and on the first attempt, because the Walter platform is secure by design, meaning that the required security measures were already integrated into our processes and infrastructure.

Achieving both ISO/IEC 27001:2022 and SOC 2 Type 2 certifications reflects Walter’s commitment to data security, managing and protecting our customers’ sensitive information and meeting the highest standards of risk management and regulatory compliance.

The ISO/IEC 27001:2022 and SOC 2 Type 2 certifications serve different, yet complementary, purposes. ISO 27001 is a certification granted by a certification organization, in our case, Prescient Security, which has audited our processes to ensure compliance with all components of the ISO standard. This includes regular assessments of threats and risks, as well as the sophistication of our security program. On the other hand, SOC 2 Type 2 is an audit performed by a public accounting firm that evaluates whether the controls that were designed as part of the SOC 2 Type 1 certification have been implemented and are functioning as intended over a specified period of time. Having both of these internationally recognized certifications gives our customers a high degree of confidence in our security practices.

What is an ISO 27001 certification?
ISO 27001 is the international gold standard for information security management - a reflection of the strength of Walter’s security posture. Walter takes a systematic approach to securing sensitive information, encompassing risk assessment, risk treatment, and comprehensive security controls and has implemented an effective Information Security Management System (ISMS) to protect data confidentiality, integrity, and availability. By adhering to the ISO 27001 standard, Walter has committed to continuous improvement in our security practices, ensuring that we can effectively manage and mitigate information security risks, comply with legal and regulatory requirements, and build trust with our customers.

What is a SOC 2 Type 2 report?
A SOC 2 Type 2 report is a widely recognized audit on how a cloud-based service provider handles sensitive information, evaluating our controls over information security, availability, processing integrity, confidentiality, and privacy to meet requirements set by the American Institute of CPAs (AICPA). Unlike SOC 2 Type 1, which assesses the design of controls at a specific point in time, SOC 2 Type 2 evaluates the operational effectiveness of these controls over a period of time. This certification demonstrates that Walter consistently follows rigorous security practices and procedures to protect customer data.

Our commitment to security
Achieving both ISO/IEC 27001:2022 and SOC 2 Type 2 certifications reflects Walter’s holistic and rigorous approach to information security, combining the strategic framework of ISO 27001 with the operational scrutiny of SOC 2 Type 2. This dual certification demonstrates that Walter is committed to maintaining high security standards and continuously improving our security practices, ensuring comprehensive protection of sensitive information.

Read more about how we keep your data secure on our Security page.