Information Security

Service Organization Controls (SOC2)
Overview, Examinations, and Reports
Información general
SOC2 is a compliance report standard defined by the American Institute of Certified Public Accountants (AICPA). These SOC2 compliance reports provide users with assurances about the controls at a service organization relevant to security availability and processing integrity of the systems used to process users’ data. It also covers the confidentiality and privacy of the information processed by these systems.
SOC2 Examinations
SOC examinations are conducted by independent auditors to provide necessary assurances to Fortinet customers about the suitability of the design and operating effectiveness of the controls on the following trust services criteria, as applicable:
- Security
- Availability
- Processing integrity
- Confidentiality
- Privacy
Available SOC2 Reports
- FortiCare support system
- Fortinet managed data centers
- FortiGuard
- FortiSASE
- FortiGate Cloud
- FortiManager Cloud
- FortiAnalyzer Cloud
- FortiMonitor
- FortiAP Cloud
- FortiCloud Sandbox
- FortiToken Cloud
Key Principles
Security
Protecting information and systems against unauthorized access and disclosure of information
High Availability
Ensuring information and systems are operational with redundancy
Confidentially
Verifying information is classified confidential
Request the Reports
Interested in receiving the SOC2 report? Please complete the form and select the desired report for download: