• en

Kimble Passes Service Organization Controls (SOC 1) Fifth Year In a Row

London, May 24, 2020

Kimble has once again achieved certification for Service Organization Controls (SOC 1) which provides assurance to our Customers, Prospects, & Suppliers for the robustness of Kimble’s internal control environment. Kimble have now achieved certification every year since 2015.

What does SOC 1 cover?

The standards cover a broad cross-section of controls including :

  • Regulatory standards: Such as Data Protection as part of General Data Protection Regulation (GDPR) Compliance.
  • Kimble Policies: Including IT Security, Systems Access, Risk Management, Supplier Management and Business Continuity.
  • Key processes: Adopted by Product Development and Support to ensure that we meet customer quality and performance SLA’s.

Kimble’s certification, coupled with those provided by Salesforce (SOC, ISO 27001) for hosting the underlying platform here, give customers complete assurance over the control environment operating for their data.

What Approach has Kimble taken?

Kimble compliance program is embedded across the organization as part of ‘Business as Usual’.

  • Risk Assessment: Ensures that all potential risks are mitigated by a compensating control.
  • Adequacy of Controls: Ensures that both Preventative (before the event) and Detective (after the event) controls are included as part of the design.
  • Effectiveness of Controls: A defined ‘Control owner’ is assigned to each control and is held accountable as the 1st line of defense for ensuring that the controls are operating effectively.
  • Internal Compliance function: Provide oversight and guidance for control owners – and provide a 2nd line of defense within the business.
  • External Audit: Independent assessment by qualified auditors Moore Kingston Smith and Xcina Consulting – provides the 3rd line of defense and an impartial view which Customers can rely on.

More information:

For more information about the Kimble Compliance program or for information about latest SOC audit, please contact [email protected]