GROWMARK achieves SOC 2, Type II compliance, offering the highest level of data security

GROWMARK, Inc., is pleased to announce it has achieved a System and Organization Controls (SOC) 2 Type II compliance certification in preparation for meeting forthcoming critical infrastructure regulations from the United States Department of Homeland Security.

 GROWMARK announced its Type I certification in February 2024, which confirmed appropriate controls were in place at that specific time. SOC Type II is widely recognized as a set of security standards designed to ensure service providers like GROWMARK have appropriate controls in place over the entire audit period to protect the security, availability, and confidentiality of customer data and provide an exceptional level of data security.

Information Security Manager Jeff Mosley helped lead the project first through achieving Type I compliance and now Type II compliance. “This higher-level security designation is a testimony of our commitment to the data security we provide our customers. When companies do business with us, no matter their size or location around the world, we can now offer them the highest standard of data security,” he said.

Current customers who use the SAP, Agvance, myGROWMARK, and myFS digital platforms through GROWMARK also benefit from the higher level of data security. “Our current customers, from the farm field to the boardroom, can rest assured that their data is protected to the highest standards when they use our digital management tools,” Mosley said. “The Type II certification requires constant care and vigilance on our part which provides an extraordinary level of assurance that doing business with us is as safe as possible.”

Mosley said the agriculture sector has a low adoption of this level of data security, around 3%, and he hopes more organizations will work toward achieving the minimal adoption of SOC compliance to further secure the interdependent ag supply chain. “Data safety is everybody’s responsibility. In ag, we’re often focused on everyone’s physical safety, but if we want to do business safely and earn our customer’s trust, we need to be just as concerned about data safety,” he said.

Johanson Group LLP, a premier certification body that helps organizations obtain and maintain global compliance standards, completed the audit. The SOC Type II certification is maintained through continuous compliance with the SSAE-18 Security Framework and annual audits performed by a third-party certified public accountant. The Statements on Standards for Attestation Engagements version 18 (SSAE-18) security framework and SOC2 audit examination is created and maintained by the American Institute of Certified Public Accountants (AICPA) for service organizations.