Enterprise procurement teams increasingly treat SOC reports as table stakes before signing software contracts, and Oneflow's completion of both examinations positions the Stockholm-based company firmly in that conversation.
SOC 1 Type 1 assesses the design of controls relevant to customers' internal control over financial reporting. SOC 2 Type 1 measures control design against the AICPA Trust Services Criteria for security and availability. Type 1 engagements evaluate how controls are designed at a specific point in time; Type 2 engagements, which audit operating effectiveness over a period, typically follow.
Oneflow builds AI-powered contract automation software, with contracts representing a high-sensitivity document class that often intersects with financial systems, counterparty data and procurement workflows. The SOC examinations are available to existing customers, prospective customers and partners on request, subject to standard confidentiality requirements.
"Enterprise customers expect transparency, strong governance, and independently validated controls. Completing both SOC 1 Type 1 and SOC 2 Type 1 examinations marks another important milestone in our long-term commitment to strengthen our customers' trust," said Karl Moodh, CTO at Oneflow.
The company's existing certification footprint covers information security management (ISO 27001), quality management (ISO 9001) and environmental management (ISO 14001). The addition of SOC examinations reflects the particular demands of enterprise customers in regulated industries, where contracts touch financial and operational controls that auditors scrutinise directly.
Oneflow is listed on Nasdaq First North Growth Market. Certified Adviser is FNCA Sweden AB.
To stay across the latest in cloud, AI and enterprise tech analysis from Compare the Cloud, subscribe to our weekly newsletter at https://www.comparethecloud.net/newsletter