Information Security

Torstone Technology is proud to announce the successful completion of the Service Organisation Controls (SOC) 2 Type 2 certification. Following a period of extensive auditing we have been certified by Ernst & Young (EY) for our controls based on the trust services criteria for security set forth in TSP section 100, 2017 Trust Services Criteria.


Developed by the American Institute of Certified Public Accountants (AICPA), SOC 2 is the standard for security compliance by hosted service providers. Firms must demonstrate their ability to design and implement controls, policies, procedures and practices to protect the interests of their clients.

In addition to the SOC 2 Type 2 Torstone Technology continue to maintain an ISO 27001 certification from 2013 of our Information Security Management System (ISMS) covering our infrastructure, hosting environment, and services.

ISO 27001

ISO 27001 is one of the most well-known and internationally recognized information security standards. It identifies requirements for an Information Security Management System (ISMS) and defines how organizations should manage and handle the security of assets such as financial information, intellectual property, employee details or information entrusted to you by third parties.

In order to achieve this certification, Torstone’s compliance was validated by independent auditor, BSI Group, after demonstrating our ongoing commitment to managing and protecting company and client data.

Torstone is committed to exceeding our clients expectations and providing ongoing confidence in our ability to maintain and expand on our high standards.

Torstone’s SOC 2 or ISO 27001 report are available to existing and prospective clients on request under a non-disclosure agreement. Please contact for more information.