Certifications

Details of the standards and certifications On-Call Optimizer has achieved

On-Call Optimizer is designed and architected to be secure, protecting the confidentiality, integrity and availability of your data. We pursue independent third-party certifications to demonstrate our commitment to security and compliance.

Access to certification documents and related policies can be requested via our trust center.

SOC2

SOC2 is a widely recognized standard for security and compliance. On-Call Optimizer is committed to achieving a SOC2 Type 2 certification and is engaged in the audit process to fulfil this committment.

Latest Update

As of September 2024, the scoping and planning for SOC2 certification has been completed, including establishing the list of controls required to be audited.

The work in progress is now focused on gathering the required evidence to demonstrate to the auditor that each control is being achieved.

Policies covering all required control areas are written and in place.
The necessary technical and process implementation details are in place for over 95% of all controls.
Evidence is gathered and documented for 66% of controls.

Next Steps

Selection of an auditor
Agree terms, scope and timing of audit with selected auditor.
Complete evidence gathering and documentation for remaining controls.

Target Dates

End of September 2024: Evidence collection completed, all controls ready for audit.
End of October 2024: Auditor selected, scoping statement approved, Type 1 audit begins.
End of December 2024: SOC2 Type 1 audit report available for customer distribution.
End of March 2025: SOC2 Type 2 audit report available for customer distribution.

Availability of the Type 2 audit report at the above date is subject to the selector auditor agreeing that a shorter 3-month observation period is appropriate for the size and scope of the On-Call Optimizer product. If this agreement is not achieved, it is likely that the Type 2 audit report will not be available until June 2025.

Penetration Testing

In addition to security certification, On-Call Optimizer is also subject to external penetration testing to independently validate the security of our systems.

Latest Update

As of September 2024, evaluation and selection of a penetration testing vendor is in progress.

Target Dates

End of September 2024: Vendor selected, pen test scheduled.
End of Novemeber 2024: Penetration test report available for customer distribution.

Other certifications

If you need evidence of compliance with another cerification, please contact us at compliance@oncall-optimizer.com.

Feedback

Was this page helpful?

Glad to hear it! Please tell us how we can improve.

Sorry to hear that. Please tell us how we can improve.

Last updated September 13, 2024