Skip to content

Certifications & Compliance

On this page you will learn about Kelvin's certifications achieved to ensure that the security standards are deeply embedded into the organization.

SSAE 18 SOC 2 Type II

Statement on Standards for Attestation Engagements 18 (SSAE 18) is a regulation compliance created by the Auditing Standards Board of the America Institute of Certified Public Accountants.

It defines how solution providers that provide cloud solutions such as SaaS or PaaS report on compliance controls. These cover all aspects that govern safeguards and practices on data security and privacy.

By undergoing a SOC 2 audit, a company demonstrates that its ability to meet the security criteria that its customers require to confidently share their data.

Kelvin's Compliance

Kelvin annually hires accredited third parties to perform a full audit on all areas required by the SSAE 18 SOC 2 Type II.

The report consists of a deep analysis of all controls, processes, security and procedural aspects in Kelvin's infrastructure and external service providers to ensure the safety of management and storage of all the data security and privacy.

The SOC 2 section confirms that a rigorous demonstration of Kelvin's ability to meet the security criteria has been performed.

CSA Level 1

Many organizations rely on globally recognized and supported alliances that create, maintain and promote common standards in different areas of industry. These alliances are usually non-profit and not only champion the standards but also support research in their specializations to always be dealing with topics as they evolve.

In the cloud security arena, the Cloud Security Alliance is one of the leaders. Backed by the leaders of industry; Google, Microsoft, Oracle, IBM, Amazon and many other high profile companies, it is the world's foremost organization focused on providing best practice security awareness to provide cloud computing environments.

CSA provides a wide platform to help organizations ensure the personnel and products meet the latest security standard including;

  • Latest information on security related news and developments
  • Training and certifications in cloud security
  • Research and publications on on all aspects of cloud computing including emerging technologies such as IoT, blockchain, quantum-safe security, etc.
  • Transparency of Organizations through STAR (Security, Trust, Assurance and Risk) Registry.

They also host many security events and conferences to continue to build organizations awareness and elevate their cybersecurity capabilities. CSA also participates in all major security related events such as Black Hat.

STAR Registry

The STAR (Security, Trust, Assurance and Risk) Registry is a publicly accessible registry that provides certification for CSPs (Cloud Service Providers).

The CSA-related assessment documentation for all companies are available for free to the public for download and review.

The STAR Registry has two levels of assurance;

  • Level 1: Self-Assessment based on the Consensus Assessments Initiative Questionnaire (CAIQ). The CAIQ contains more than 250 questions based on the CCM that a customer or cloud auditor may want to ask of CSPs to assess their compliance with CSA best practices.
  • Level 2: Independent third-party assessments such as CSA STAR Attestation and CSA STAR Certification. These assessments combine established industry standards with criteria specified in the CCM.

Kelvin @ Level 1

Kelvin has submitted and received STAR Level 1. This reflects that Kelvin's security controls are in accordance with the Cloud Security Alliance (CSA) and the Cloud Control Matrix (CCM).

You are able to download and review the complete submission which covers 250+ questions under 14 topics at https://cloudsecurityalliance.org/star/registry/kelvin-ai.

All the topics ensure that we have a full overview of our infrastructure and practices to ensure that attention to security is given to each and every area of our organization.

And we transparently share this information publicly.