ATLANTA – Acuity Brands, Inc. announced that it has completed the requirements for a Service Organization Control (SOC) 2, Type 1 Audit, covering the Company’s “lighting and building controls platform and services.” The audit affirms that Acuity Brands’ policies, practices, procedures, and operations for the covered products meet the SOC 2® criteria for security and availability.
“Earning a SOC 2 report reflects Acuity Brands’ continued commitment to our customers,” said Jazib Frahim, Vice President – Architecture and Product Security for IoT and Connected Solutions, Acuity Brands Lighting. “The assessment covers the vast majority of our connected lighting and building controls platforms and offered services, providing customers with a third-party assurance that Acuity Brands has appropriate information security controls in place.”
The scope of the SOC 2, Type 1 report covers Acuity Brands’ critical systems, applications, networks, development processes, human resources, and information assets as they apply to the handling of restricted information and development of products that comprise the Company’s:
- Digital Lighting Networks: in-scope components consisting of nLight® (wired), nLight® AIR (wireless), Fresco™ TouchScreen, SensorSwitch™ JOT, and ROAM® products;
- Atrius® Technology Solutions: in-scope components consisting of Atrius Application Suite, Atrius Local OS, Atrius Sensory Network, and Atrius Platform; and
- Distech Controls® Building Management Systems: in-scope components consisting of ECLYPSE® Connected Controller Series, ECLYPSE A1000, ECLYPSE Sky Ecosystem, Cloud-Relay API, and VEXX® products.
About SOC 2 Reports
SOC 2 reports are intended to meet the needs of a broad range of users that need detailed information and assurance about the controls at a service organization. Audits cover attributes relevant to security, availability, and processing integrity of the systems the service organization uses to process users’ data and the confidentiality and privacy of the information processed by these systems. Developed by the American Institute of CPAs (AICPA). SOC 2 is an auditing procedure to ensure a service provider securely manages data to protect the interests of the organization and the privacy of its clients. Acuity Brands’ SOC 2 audit was conducted by the firm Maloney + Novotny.