At Cireson, trust is not a one-time achievement. It is an ongoing commitment. We are proud to announce that, for the third consecutive year, Cireson has successfully completed its annual SOC 2 Type II audit for Tikit by Cireson with zero exceptions.
Zero. Nada. A perfect audit result.
This achievement reinforces our continued investment in security, privacy, operational excellence, and compliance for organizations relying on Tikit to manage service delivery and operations within Microsoft 365.
What Is SOC 2 Type II?
SOC 2 Type II is an independent audit framework developed by The American Institute of CPAs® and The Chartered Institute of Management Accountants® (AICPA & CIMA). It evaluates how organizations manage customer data based on key trust principles, including:
- Security
- Availability
- Processing Integrity
- Confidentiality
- Privacy
Unlike a point-in-time assessment, SOC 2 Type II measures whether security controls are not only properly designed, but also operating effectively over an extended review period.
Successfully completing a SOC 2 Type II audit with zero exceptions means the independent auditors identified no gaps, no failures, and no deviations in the effectiveness and appropriateness of Cireson’s controls during the audit period.
Why This Matters for Tikit Customers
Organizations today face growing pressure to secure sensitive data, meet regulatory requirements, and ensure operational resilience in increasingly complex cloud environments.
For Tikit customers, this achievement provides additional assurance that Cireson continues to maintain rigorous security and compliance standards across our platform and internal operations.
Whether organizations are supporting IT service management, enterprise service delivery, HR workflows, facilities requests, or operational processes inside Microsoft Teams and Microsoft 365, security and trust remain foundational.
This milestone demonstrates that Cireson’s controls are not simply documented policies — they are actively maintained, monitored, and consistently followed.
Compliance Is a Continuous Commitment
Security and compliance are never “finished.” They require constant attention, continuous improvement, and organization-wide accountability.
Over the past year, Cireson has continued strengthening its internal security posture through ongoing monitoring, employee training, policy reviews, risk management processes, and compliance initiatives aligned with frameworks including SOC 2, HIPAA, and GDPR.
“Our third consecutive SOC 2 Type II audit with zero exceptions reflects the commitment our entire organization has made to protecting customer data and maintaining operational excellence,” said Paul Sutton, co-founder of Cireson. “As organizations continue adopting Microsoft 365 for critical business operations, customers need confidence that their service management platform is secure, reliable, and built with compliance in mind. We take that responsibility seriously.”
“Achieving zero exceptions for the third year in a row is not something that happens by accident,” said Marcus Bauer, Senior Director of InfoSec and GRC at Cireson. “It requires continuous evaluation, employee engagement, strong processes, and a culture that prioritizes security in everything we do.”
Built for the Microsoft Cloud
Tikit by Cireson is designed specifically for organizations operating within the Microsoft ecosystem, leveraging the power of Microsoft Teams, Microsoft 365, and the Power Platform to modernize service management and enterprise workflows.
As more organizations consolidate operations into the Microsoft cloud, compliance and security expectations continue to rise. Cireson remains committed to helping customers meet those expectations with solutions built around modern Microsoft technologies and industry best practices.
Looking Ahead
Achieving SOC 2 Type II compliance for the third consecutive year is an important milestone, but it is also part of a broader commitment to continuous improvement.
Cireson will continue investing in the people, processes, and technologies necessary to maintain the highest standards of security, compliance, and customer trust.
Organizations interested in learning more about Cireson’s security and compliance practices, including SOC 2 documentation, are encouraged to contact the Cireson team at SecAdmin@cireson.com.
