<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=1191812&amp;fmt=gif">

 Bolton Remote is now part of

Get Started
Press Releases

Bolton Remote Achieves AICPA SOC 2 Compliance

At Bolton Remote, we are on a mission to help fast-growing technology companies build and scale remote teams. There is a high level of trust that our customers expect when using our services and that is why we are deeply committed to our own compliance and security measures.

We are pleased to announce the validation of the internal controls established as part of the compliance and security programs with the completion of our SOC 2 Audit. The SOC 2 Audit covers the design effectiveness of our internal controls including security, availability, and confidentiality.  The audit was performed by A-lign, a licensed CPA firm. 

Bolton Remote was examined in three Trust Service principles as part of the SOC 2 examination:

  • Security - Validation that our systems are protected against unauthorized access, use, or modification.
  • Availability - Validation that our systems are available for operation and use as committed or agreed.
  • Confidentiality - Validation that information designated as confidential is protected as committed or agreed.


The audit required the development of strong compliance and security programs to effectively manage our employees and support our customers.  As such, we have established policies and procedures, physical security, training, monitoring and detection controls to help secure and protect the Bolton environment. In addition, we have implemented detailed controls and procedures over how we handle customer data. 


Bolton Remote's SOC 2 report is available to existing and prospective customers under a non-disclosure agreement. For further information or to request a copy, please contact your account manager or sales executive.


About AICPA and SOC 2 

The American Institute of Certified Public Accountants (AICPA) Service Organization Controls (SOC) reports give assurance over control environments as they relate to the retrieval, storage, processing, and transfer of data. These reports are intended to meet the needs of a broad range of users that need detailed information and assurance about the controls at a service organization relevant to security, availability, and processing integrity of the systems the service organization uses to process users’ data and the confidentiality and privacy of the information processed by these systems. These reports can play an important role in:

  • Oversight of the organization
  • Vendor management programs
  • Internal corporate governance and risk management processes
  • Regulatory oversight

Additional information can be found here.