SOC 2 Type II Compliance

Credo AI has received a SOC 2 Type II report demonstrating that our product has been reviewed and has met all requirements to mitigate risks arising from interactions with Credo AI's system, particularly information about the system controls that Credo AI has designed, implemented, and operated to provided reasonable assurance that our service commitments and system requirements were achieved based on the trust services criteria relevant to security, availability, and confidentiality (applicable trust services criteria) set forth in the TSP section 100, 2017 Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy, (AICPA, Trust Services Criteria).

The Credo AI SOC 2 Type II review was conducted by an independent service auditor which is certified by the American Institute of CPAs (AICPA). The report is based on controls places in operation to test operating effectiveness to the trust services criteria for security, availability, and confidentiality categories.

The following components were included in the review:

• Infrastructure
• Software
• People
• Data
• Security
• Availability
• Confidentiality

Credo AI is committed to carrying out an annual SOC 2 audit.

Customers or potential customers interested in reviewing our SOC 2 report can contact us.