Where are the SOC 2/SAS70, COI, AOC, and other reports located?
Updated 03/11/2021 03:41 PM
Below is the annual Zix AICPA SOC2 Type 2 Audit Report and related documents. The content of this audit report is Zix proprietary and confidential information. While you may provide this report to individuals conducting business on your behalf, you may not disclose this report outside of your organization.
Payment Card Industry (PCI) Data Security Standard (DSS) Attestation of Compliance (AOC) report:
PCI DSS 3.1 AOC.pdf
The SOC 2 report is available for download here:
Zix's SOC 2 Type 2 Report
Zix SOC 2 Type II Report for HITRUST_FINAL:
ZixCorp 2020 SOC 2 Type II Report for HITRUST
Equinix Colocation System SOC 2 Type 2 Report
Note: Any "gap" periods are covered by the Zix Service Statement.
The SOC 3 report is available for download here:
ZixCorp 2020 SOC 3
Note: AWS SOC 3 is available here:
https://aws.amazon.com/compliance/soc-faqs
ISO 27001:2013 Certificate of Registration. This covers ZixEncrypt, ZixProtect, ZixMail, ZixDirectory, ZixArchive and ZixOne services:
ISO Certificate of Registration
The Zix Evidence Certificate of Insurance (Commercial General Liability) report is available for download here:
Zix's Evidence Certificate of Insurance
ZixPort Security Brief 2019:
ZixPort Security Brief
ZixPort Voluntary Product Assessment Template (VPAT) for 508 Accessibility
VPAT2.3-508-Jan2019_Zixport.pdf
ZixEMS Voluntary Product Assessment Template (VPAT) for 508 Accessibility
VPAT2.3-October2019_ZEMS.pdf
Zix Financial Statements are available here.
Carlos Rios
Comments