At TaxDome, we believe in the power of technology to transform the accounting and tax industry. Our mission is to provide innovative solutions that not only streamline processes but also ensure the utmost security and privacy for our clients’ data.

We’re proud to announce that TaxDome has achieved SOC 2 Type II certification, the most comprehensive and rigorous standard for data security compliance. This is more than a milestone — it’s a reflection of our continued investment in protecting client information and upholding operational excellence.

Understanding SOC reports

System and Organization Control (SOC) reports are a series of standards developed by the American Institute of Certified Public Accountants (AICPA) to evaluate how organizations manage client data. There are two primary types of SOC reports:

• SOC 1 focuses on internal controls over financial reporting
• SOC 2 evaluates controls related to security, availability, processing integrity, confidentiality, and privacy

SOC 2 is particularly relevant for cloud-based software companies like TaxDome, as it reflects our ability to manage data securely over time — not just at a single moment.

What SOC 2 Type II means

SOC 2 Type II certification goes beyond evaluating the design of security controls. It verifies that those controls operate effectively over a defined audit period. Our certification covers security, availability, and confidentiality, ensuring that our platform maintains high levels of uptime, data protection, and privacy across all systems and teams.

This certification was issued following an independent audit conducted through Strike Graph, a third-party compliance platform that supports ongoing monitoring and audit readiness.

The SOC 2 examination process

Our SOC 2 Type II certification involved a multi-phase process to validate the effectiveness of our internal controls:

1. Initial assessment – an independent audit firm conducted a comprehensive review of TaxDome’s internal control environment, including policies, systems, and operational practices, to ensure alignment with the Trust Services Criteria.
   
2. Preparation – we worked collaboratively with our audit partner to document, formalize, and demonstrate the controls we’ve long had in place, ensuring they met the AICPA’s strict standards for security, availability, and confidentiality.
   
3. Audit – over a multi-month evaluation period, auditors tested the design and operational effectiveness of our controls across departments and systems, validating their consistency and reliability.
   
4. Certification – following the successful completion of the audit, TaxDome received SOC 2 Type II certification, confirming that our platform meets the industry’s highest standards for secure and compliant operations.

Why it matters for our clients

Achieving SOC 2 Type II certification demonstrates our long-term commitment to accountability, transparency, and trust. For our clients, it means:

• Assurance that your data is handled with enterprise-grade controls
• Independent validation of our platform’s security and uptime
• Alignment with IRS expectations for tax data security, such as multi-factor authentication and secure backups (see IRS Publication 4557)

To explore our infrastructure in greater detail, visit our Security Overview.

Request a copy of our SOC 2 report

A full copy of our SOC 2 Type II audit report is available to qualified firms as part of their vendor evaluation or compliance review process. Request the SOC 2 report here.

Continuing the promise

SOC 2 Type II certification is more than a badge of honor, it’s a promise to our customers that security is foundational to everything we build. We’re proud to uphold that promise every day and continue serving as a trusted technology partner for accounting professionals around the world.