Citrix SOC 2 Audit Reports

Citrix issues SOC 2 reports on a regular basis. A SOC (System and Organization Control) report is designed to help service organizations, like Citrix, build trust and confidence in the service performed and controls related to the service through a report by an independent assessor.

The SOC 2 report is used to display the controls that a service provider has in place. The report is intended to provide detailed information and assurance about the controls at a service organization relevant to processing users’ data and keeping that data private and confidential. The SOC 2 touches on three (3) overall Trust Principles that a cloud provider can choose to report on. These include:

  • Security: protecting against unauthorized access or changes.
  • Availability: ensuring it will be up and running as needed.
  • Confidentiality: information in the system is properly protected.

The Citrix SOC 2 attestation reports are issued by an outside auditor, whose role is to assess the extent to which we comply with our selected Trust Principles based on the systems and processes in place.

SOC 2 audit reports are currently available for: