Issue
I need the latest SOC 2 Report for a vendor assessment or security questionnaire.
Applies To
- All Sentry Customers
Resolution
Sentry provides a report to customers on our "System and Organization Controls Relevant to Security, Availability, and Confidentiality and Applicable HIPAA Security Rule Requirements". This report is available to be reviewed within the application under Settings -> Legal & Compliance.
This report contains dates on the cover sheet that reflect the period which the company was evaluated. Check out this recent example:
The dates on the SOC 2 report reflect the period which the company was evaluated (the audit period). Generally, 40-65 days after the end of the audit period the auditor will issue the report. The report we currently have was issued ~October 2024. Since we undergo audits on an annual cadence, you would expect to receive a new report ~October 2025.
Some other important details:
- Supplying the evaluation dates on the cover sheet this way is common amongst auditing firms (e.g. it is uncommon to specify the period of the reports validity).
- SOC 2 reports are valid for a period of 1 year from the end of the evaluation period.
- SOC 2 bridge letters are also available in-app alongside the most recent SOC 2 report to cover the period between the end of the most recent reports validity and the issuing of the next report.