We have a great Trust Program, but you want external validation. We understand. We validate our program annually with a third party audit to ensure we adhere to the highest standards. The third party will test our operations, procedures, policies, and controls to independently validate they are designed and operating effectively. We will share their reports when available.


Resolver is SOC 2 Type 2 certified! As part of the AICPA accreditation, an independent third-party examination report demonstrates how Resolver achieves key compliance controls and objectives covering all five Trust Service Principles: Security, Confidentiality, Processing Integrity, Availability, and Privacy.

We have completed a SOC2 Type 2 certification for:

  • Resolver Core
  • Perspective
  • GRC Cloud

To learn more, click here.


Resolver is pleased to announce that it is HIPAA and HITECH audited, designed to secure and protect critical healthcare data, and electronic personal health information and records.

Cloud Security Alliance - Security, Trust, and Assurance Registry

We have completed a Cloud Security Alliance (CSA) STAR Level 1 Questionnaire for:

They are available for download on the Cloud Security Alliance’s STAR Registry website. The CSA Security, Trust & Assurance Registry (STAR) is a free, publicly accessible registry that documents the security controls provided by various cloud computing offerings, thereby helping customers assess the security of cloud providers they currently use or are considering contracting with. We have completed the Cloud Security Alliance (CSA) Consensus Assessments Initiative Questionnaire (CAIQ). The latest version of the CAIQ, aligned to CSA’s Cloud Controls Matrix (CCM) v.3.0.1, provides an answer to over 300 questions a cloud customer or a cloud security auditor may wish to ask of a cloud provider.

Our Service Providers

A chain is only as strong as the weakest link. We hold our service providers to our same high standards. Our data centers and other key suppliers undergo regular SOC2 audits to validate their practices. We review these reports carefully and proactively address any areas of concern.