Audit reports.
| Report | Frequency | Availability |
|---|---|---|
| SOC 2 Type II | Annual | Under MNDA |
| SOC 2 bridge letter | As required between reports | Under MNDA |
| ISO/IEC 27001:2022 certificate | Annual surveillance + 3-year recertification | Public |
| ISO 27017 + 27018 certificates | Annual | Public |
| HITRUST CSF certification | Per certification cycle | Under MNDA |
| FedRAMP High SAR + ATO documentation | Per ATO cycle | Per agency authorisation |
| CSA STAR self-assessment | Annual | Public |
| PCI DSS AOC (where applicable) | Annual | Under MNDA |
How to obtain.
| You are… | Process |
|---|---|
| Verified prospect | Request via Trust Center workflow + execute MNDA |
| Active customer | Available via customer portal |
| Federal agency authorising official | Coordinate via Federal sales |
| Auditor of record | Coordinate with engaged customer |
Request — security@teamsync.example.com
Penetration-testing reports.
External penetration tests conducted at least annually; redacted summaries available under MNDA.