LVM Systems’ successful completion of its 2025 System and Organization Controls (SOC®) 2 Type 2 Examination affirms that our practices, policies, procedures, and operations meet the SOC 2 standards for security, availability, processing integrity, and confidentiality. Completing this examination demonstrates LVM Systems’ commitment to the security and integrity of our platform. LVM Systems selected Laika Compliance to perform the demanding third-party examination. Throughout the examination, Laika Compliance audited LVM against the AICPA Trust Services Criteria. The examination’s outcome ensures that the company’s controls meet the criteria of the selected trust services. 

These trust services criteria encompass the following three categories: 

1. Security

Protects data and systems against unauthorized access, disclosure, or damage. 

• LVM has a security team that includes a security officer, a compliance officer, and an incident response team to ensure LVM is up to date with current security best practices and that LVM complies with its security policies and procedures. In addition, LVM performs annual risk assessments, evaluating every aspect of the organization for improvement and ensuring LVM policies and procedures align with current regulatory requirements. 
• Background checks are performed on all prospective employees. New employees must review and sign the LVM security agreement, ensuring that employees maintain a high level of security integrity. In addition, before working with LVM systems or processes, new employees must receive mandatory security training.
• Annual security training ensures employees understand LVM security policies and procedures and are vigilant about new security threats.
• Third-party systems monitor vulnerability and penetration testing to ensure systems remain secure. 

Development teams undergo ongoing training on secure software development lifecycles and secure coding. In addition, third-party security code analysts review the software for known vulnerabilities to ensure LVM development teams use current best practices. 

LVM utilizes encryption standards to ensure all private data access or storage is secured. 

For hosted solutions, LVM utilizes Microsoft Azure as the preferred cloud provider. Microsoft Azure has a security team of over 3,500 members, over ninety security certifications, and has invested over $1 billion in security R&D to ensure client systems and data are protected. 

2. Confidentiality
LVM protects information designated as confidential. 

• LVM follows a data retention policy and conducts activity tracking.
• LVM maintains an asset inventory and destruction policy.

3. Availability

Information and systems are available for operation.

• System monitoring ensures systems are running smoothly. If anomalies are detected, appropriate LVM resources are notified.
• Backup, redundancy, and recovery standards follow industry best practice.
• Disaster recovery, development, and testing ensure LVM can rapidly recover systems. 

With security concerns constantly growing, organizations choose LVM Systems as their core platform and growth engine.