Metronome achieves SOC 1 Type 2 certification

Feb 21, 2023
 • 
0 MIN READ
Gold share tray icon
Suyog Rao
Head of Engineering

I’m excited to share that we've received our SOC 1 Type 2 certification. Metronome is a critical part of our customers’ financial operations and this milestone demonstrates our continued commitment to the security, reliability, and accuracy of your financial data. This certification also enables us to be stronger partners to our customers who are public and planning to go public. 

Why SOC 1 Type 2 

SOC 1 evaluates that we have the internal controls and systems in place to provide accurate financial reporting and financial operations for our customers. 

Given that we work closely with our customers’ billing and revenue data, we chose to move forward with the SOC 1 Type 2 certification, following our SOC 2 Type 2 certification, to ensure the highest integrity of the financial data we collect and process. 

What’s the difference between SOC 1 Type 1 and Type 2? 

  • Type 1 evaluates the design of a system’s controls at a point in time 
  • Type 2 is a more rigorous audit that evaluates the design of a system’s controls over a period of time. It requires a more comprehensive investigation into a system’s design and processes and documents the testing performed and the results.  

Streamlining the financial audit process for our customers 

One significant benefit of our certification is simplifying the financial audit process for our customers. This is particularly helpful for pre-IPO or public companies undergoing annual financial audits. For public companies, the Sarbanes-Oxley Act (SOX), requires a mandatory annual independent audit to attest the effectiveness and correctness of their overall financial controls. Public or pre-public companies can now leverage Metronome’s SOC 1 certification to demonstrate appropriate internal controls to meet their SOX compliance obligations.

If you’ve been at a company that has built an internal billing system, you’re likely familiar with the engineering lift required to undergo annual financial audits. When I was running the billing team at Elastic, it took hours of engineering time, every year, to verify we were SOX compliant each time we went through an internal or external audit.

With Metronome as your billing platform, this no longer needs to be a painful exercise that your engineering team manages on a recurring basis. Metronome is designed from the ground up to allow for testing of financial correctness, at scale. As a key part of your financial operations, we’re consistently monitoring and investing in the security, reliability, and accuracy of your financial data and ensuring we’re aligned with industry best practices.

Get in touch 

If you’re interested in learning more about Metronome, you can reach out to us here. Visit our security page here for more information on our security practices and contact your Metronome representative to access a copy of our SOC 1 Type 2 report.