Autheo
BuildTechnologyFaucetBlog
About UsOur TeamOur PartnersGlossaryMerch Store
Node SaleEmission StructureTiered PricingValidator AdvantageNode Sale FAQsBuy a Node
Early AccessExplorer

What SOC 2, ISO 27001, and other certifications does Autheo pursue?

Autheo's compliance program follows the AICPA Trust Services Criteria and ISO/IEC 27001:2022 Annex A controls, the two most widely adopted enterprise compliance frameworks.

Direct Answer

Autheo's commercial entity is building a controls program aligned to SOC 2 Type II and ISO/IEC 27001:2022, with formal audits underway. Infrastructure partners InfStones and Zeeve already hold SOC 2 Type II and ISO 27001 attestations, providing a verified compliance perimeter for enterprise deployments today.

Understand the broader Autheo platform

This answer covers one part of the Autheo ecosystem. To understand how this capability fits into the full platform, start with the core Autheo overview and architecture pages.

Autheo overview →Technology and architecture →Developer documentation →

Why These Frameworks Matter

SOC 2 Type II is the de facto trust standard for U.S. SaaS procurement and demonstrates that controls operated effectively over a six- to twelve-month observation window. ISO/IEC 27001:2022 is the international information-security management standard required by most European and Asian enterprise procurement teams. Together they cover roughly 90% of enterprise compliance questionnaires.

Autheo's Controls Roadmap

Autheo's commercial entity has implemented the policy and technical controls required for SOC 2 Trust Services Criteria covering Security, Availability, and Confidentiality. Audit fieldwork is underway with a Big Four-affiliated audit firm. ISO 27001:2022 certification follows the same control set with an additional Statement of Applicability and management-system documentation.

Partner Attestations Available Today

Enterprises that need attestations now can rely on Autheo's GSI partners InfStones and Zeeve, both of which hold SOC 2 Type II and ISO 27001 today. Production deployments hosted with these partners inherit their attestation perimeter, letting customers satisfy procurement requirements while Autheo's direct certifications complete.

Key Statistics

> 80%
Enterprises requiring SOC 2 in vendor due diligence
AICPA and industry analyst surveys show more than 80% of mid-market and enterprise SaaS buyers in North America require SOC 2 Type II as part of vendor due diligence.
Source ↗
70,000+
Active ISO/IEC 27001 certifications worldwide
ISO survey data reports more than 70,000 active ISO/IEC 27001 certificates globally, the standard most international enterprise customers cite in procurement.
Source ↗
Certified
InfStones SOC 2 Type II status
InfStones, an Autheo infrastructure partner, holds current SOC 2 Type II and ISO 27001 attestations, providing a compliance perimeter for enterprise deployments.
Source ↗

Expert Perspective

SOC 2 Type II and ISO 27001 are table stakes for enterprise procurement. Any vendor that can't produce them is automatically screened out in most Fortune 500 security reviews.

Chief Information Security Officer, Global Financial Services (composite)

Citations & Sources

  1. [1]
  2. [2]
  3. [3]

Related Questions

Enterprise

How does Autheo ensure regulatory compliance for enterprise deployments?

Read answer →
Enterprise

What SLA and uptime does Autheo guarantee for enterprise deployments?

Read answer →
Enterprise

What disaster recovery and business continuity does Autheo provide?

Read answer →

Explore More

Enterprise SolutionsSecurity Overview

Ready to Explore Enterprise?

Explore Autheo's unified Layer-0 OS: blockchain, compute, storage, AI, and identity in one integrated platform.

Explore EnterpriseExplore the TechnologyBrowse All FAQsContact Us