+31 (0) 546-714360
0

Shock Media successfully completes SOC 2 and ISAE 3402 type 2 audits

  • Reading time: 5 minutes

In an era of stricter laws and regulations, increasing cybersecurity demands, and growing chain responsibility, high-quality and secure Managed Hosting is no longer a side issue, but our priority and specialty. Organizations in digital services need a partner that has structurally guaranteed security, continuity, and compliance, and can demonstrably substantiate this.

After achieving the Type I reports in 2025, we are proud to announce that we have taken the next step: Shock Media has successfully completed the SOC 2 and ISAE 3402 Type II audits, with no findings. This is an important milestone in our ongoing commitment to high-level security, quality, and compliance.

Our SOC 2 Type II and ISAE 3402 Type II reports offer you as a customer significant advantages in terms of compliance. In this article, we will explain the meaning of these standards and the added value they bring to you and your customers.

What are SOC 2 and ISAE 3402?

Within the assurance standards SOC 2 and ISAE 3402, specific requirements and criteria are defined for processes that organizations have outsourced to an external service provider, such as Shock Media.

SOC 2 (System and Organization Controls 2) is a recognized international audit framework that assesses whether your organization takes the right measures to ensure the security of critical processes. As a company, you must meet the criteria outlined in TSP section 100, Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy. ISAE 3402 (International Standard on Assurance Engagements 3402) is a standard mainly focused on the reliability of outsourced financial processes.

The formal report, drawn up by independent and (RE)-qualified auditors, shows that we meet both standards. The report provides insight into our processes and tells you more about the control measures we have implemented to guarantee the quality and security of our services.

The difference between Type I and Type II reports

SOC 2 and ISAE 3402 Type I reports describe the design and implementation of processes and control measures within Shock Media’s services. The auditor assesses whether these measures are adequately set up to achieve the stated control objectives.

Type II reports go much further. In addition to design and implementation, the operation and effectiveness of these control measures over a defined period—typically six to twelve months—are also assessed. It must be continuously demonstrated that procedures and control measures are actually and consistently applied. Thousands of pieces of evidence must be provided for this!

Shock Media’s first audit period ran until December 31, 2025. During this period, an independent RE auditor performed extensive checks. In early January, this audit was successfully completed, and we now have both a SOC 2 Type II and an ISAE 3402 Type II report. A new audit period has now started, allowing us to provide these assurance reports in the future as well.

What does this mean for our customers?

We deliver what you expect from us. Reliability, quality, and security are the core of our services. This is already demonstrated by our ISO 27001, NEN 7510, and ISO 9001 certifications. These independent audits are conducted annually by certification body Dekra.

With our SOC 2 and ISAE 3402 Type II reports, we offer our customers additional and objective insight into how we handle information security, availability, continuity, and risk management. This provides your organization with an objective foundation to rely on us for the Managed Hosting of your (business-)critical web applications, supported by an independent audit report.

Additionally, these reports support your own compliance obligations. Think of regulations such as the GDPR, but also DORA and the upcoming NIS2 (Cybersecurity Act and related decisions), which impose stricter requirements on cybersecurity, chain responsibility, and demonstrable control measures. By working with a hosting partner that is demonstrably compliant, you reduce risks and simplify your own accountability towards regulators and auditors.

Trustcenter

Would you like to know more about how our processes and measures for our Managed Hosting services are set up, or gain more insight into our SOC 2 Type II and ISAE 3402 Type II reports? Then visit our new Trustcenter in our customer portal at https://my.shockmedia.nl/. Here you will find all information regarding security, privacy, quality management, and compliance, including our certificates and reports.

Interested in what you see? Share this with someone you know.

Maureen Kerkemeijer
Maureen KerkemeijerContent Marketeer
Go to:

Other news

Virtual teams, in-depth technology, complex challenges and personal growth

Working at Shock Media means working at the most enjoyable and largest managed hosting provider in the Netherlands. We build future-proof solutions wi…
Lees meer

Observability in Laravel, more insight into your application

There comes a point where your website or web application starts to grow and it becomes increasingly busy. This makes it more and more important that…
Lees meer

Hosting migrations: the migration process of Kobalt

The migration of your applications often feels like a big and exciting step. No worries. At Shock Media, we handle the most diverse migrations almost…
Lees meer

The role of Shock Media in the open web concept

Municipalities in the Netherlands must all comply with laws and regulations. This means that their websites must be secure and accessible for citizens…
Lees meer

Sovereign Cloud: Control, Compliance, and Data Localization

Many Dutch organizations place their applications and data in the cloud. Well-known platforms such as Microsoft Azure, AWS, and Google Cloud are popul…
Lees meer

Shock Media wins the FD Gazelle award for the 13th consecutive time

For the thirteenth year in a row, Shock Media has been named an FD Gazelle in the medium-sized companies category. The FD Gazellen Awards, an initiati…
Lees meer

No more hosting issues – let us help you!

With 25+ years of experience, we provide fast, secure hosting – always with personal 24/7 support. Join thousands of satisfied customers and make your website shine. Contact us now for a free consultation!
Send us a message

Personal 24/7 support

Direct contact with specialized engineers, available day and night.

Certified quality & security

ISO 27001, NEN 7510, ISO 9001, SOC 2 and
ISAE 3402 certified.

Experienced team with Linux specialists

More than 25 years of hosting expertise for business-critical environments.

We offer 24/7 managed solutions for websites, webshops, and applications. This allows you to stay focused and rely on a stable, fast, and secure environment.

  • Managed Cloud Servers
  • Managed App Platform
  • Managed Kubernetes
  • Private Cloud
  • Public Cloud
  • Linux Server Management
  • Security Management
  • All solutions

Fully optimized solutions for your framework and/or CMS. Maximum speed, performance, and technical support.

  • WordPress Hosting
  • Magento Hosting
  • Laravel Hosting
  • Drupal Hosting
  • Craft Hosting
  • Medical Hosting
  • Custom Hosting
  • All applications

With industry-specific knowledge, we give you a technological edge. Discover the possibilities and solutions that suit you!

  • Digital Agencies
  • eCommerce
  • SaaS Providers
  • Enterprise & Government
  • Healthcare
  • iGaming
  • Managed Service Providers (MSP)
  • All branches
+31 (0) 546-714360
info@shockmedia.nl
View current notifications
0