Insights / News

Controlant affirms commitment to customer data security

Controlant places utmost priority on the security of data—its own and its customers. The completion of the SOC2 security audit marks the third consecutive year that Controlant successfully passed this rigorous test that ascertains robust controls and processes that have been implemented are working effectively.

Data security is Controlant's top priority and a recent third-party audit has confirmed that Controlant has effective measures and controls in place to secure sensitive data, both its own and its customers. The Aurora platform and devices were in scope for this audit.

Sign up for the Controlant newsletter

Keep up with developments in pharma supply chain visibility. Sign up for Controlant Insights and receive our latest white paper.

Safeguarding data across the Aurora platform and devices 

As a partner in the digitalization of pharma supply chains, Controlant appreciates the importance that leading pharma companies and logistics providers place on data as a strategic business asset.  

 The audit thoroughly examined Controlant’s security controls and processes that govern the work with our devices and in our platform. This included evaluating the security and compliance measures protecting our cloud-based Aurora Platform and the customer data stored within it. The audit also tested the effectiveness of our management system and controls to ensure that they safeguard our platform and our customers’ data. 

Successfully passing the SOC 2 Type 2 audit demonstrates Controlant’s dedication to data security, availability, confidentiality, and integrity. With this certification, Controlant assures its customers, partners, and stakeholders that it has established robust controls and processes, and that these controls operate effectively. Additionally, it validates that Controlant meets regulatory and industry standards for data security and control and has effective measures in place to mitigate risks related to data breaches and security incidents. 

 Transparency and trust 

 "The successful completion of the SOC 2 audit report for the third consecutive year from KPMG, our independent service auditor, re-affirms our commitment to the highest standards of data security,” says Arnar Gunnarsson, VP of Information Services & Security at Controlant. “The rigorous audit process with extensive sampling over 12 months verifies the effectiveness of our processes and controls. As a service partner providing outsourced services for our customers, transparency and trust are essential, and keeping our customer data secure maintains that trust.” 

A rigorous review of processes and controls 

Just as there can be no compromise to quality when it comes to the transport of medicines and vaccines from production to patients, controlling risks and ensuring data security is essential. 

 The review conducted during the SOC2 audit establishes that Controlant effectively manages a sound control environment. Equally important, it provides customers with transparency into the quality of the internal control environment. Lastly, in line with Controlant’s value of excellence, the review helps identify areas for improvement to the control environment, enabling continuous improvement that mitigates financial and operational risk.     

About SOC2 

Service Organization Control Type 2, or SOC 2, is a framework developed by the American Institute of Certified Public Accountants (AICPA) that establishes whether vendors strictly adhere to IT security in order to protect data. The European equivalent to the SOC 2 framework is the ISAE Series 3000 audit. In passing the SOC 2 audit, Controlant has also obtained the ISAE Series 3000 certification.