Conga Receives SOC 2 Type II Certification

by Sarah Harvey / March 28th, 2019

Independent Audit Verifies Conga’s Internal Controls and Processes

Broomfield, CO – Conga, the leader in end-to-end Digital Document Transformation, today announced it completed its annual SOC 2 Type II audit report covering security, availability, and confidentiality for its platform. The certification highlights Conga’s continued commitment to delivering trusted and secured services to its nearly 850,000 users.

SOC 2 engagements are based on the AICPA’s Trust Services Criteria. SOC 2 service auditor reports focus on a service organization’s non-financial reporting controls as they relate to security, availability, processing integrity, confidentiality, and privacy of a system. KirkpatrickPrice’s service auditor report verifies the suitability of the design and operating effectiveness of Conga’s controls to meet the standards for these criteria.

“Through the achievement of these reports, Conga’s current and prospective customers can be assured our security, availability and confidentiality controls are tested and operate in accordance to the highest possible standards,” said Mary Sparks, Vice President of Privacy and Compliance. “We believe in transparency and provide these reports because we understand the mission-critical nature of the data we’ve been entrusted with. We put customer trust first.”

“Securing this attestation reinforces Conga’s mission as a trusted, customer-focused organization, especially as we continue to expand our investment in innovation, customer experience and customer success,” said Matt Schitlz, Chief Executive Officer at Conga. “Showing our customers that we are serious about compliance and security is not only critical to the customer experience but the key to building trusting relationships.”

“Conga is a mature organization that has integrated compliance into their culture,” said Joseph Kirkpatrick, President of KirkpatrickPrice. “Their desire to effectively communicate audit results is at the heart of the SOC 2 report. Security, availability, and confidentiality controls have been thoroughly tested to provide a greater level of assurance to the users of Conga’s services.”

For more information on Conga’s security practices, visit

About Conga

Conga is the leader in end-to-end Digital Document Transformation. From collaboration and creation, through contract management and negotiation, to agreement and e-signature, the Conga Suite has set the standard for automating business productivity and CRM investment through end-to-end Digital Document Transformation. The Conga Suite, which includes Conga Composer, Conga Collaborate, Conga Contracts, Conga Grid, Conga Sign and Conga Orchestrate, drives segment-leading ROI by simplifying and automating intelligent data, documents, contracts, signing, and reporting outcomes.

As a top global Salesforce Platinum ISV Partner, Conga produces the highest volume downloaded paid app on the entire AppExchange. In fact, nearly 850,000 users in 85 countries across virtually all industries rely on Conga applications to drive digital document transformation, including Hilton Worldwide, Schumacher Group, and CBRE.

The company is privately-held and based in Colorado with global operations in the UK and Australia. Learn more at or follow Conga on Twitter: @getconga.

About KirkpatrickPrice

KirkpatrickPrice is a licensed CPA firm, PCI QSA, and a HITRUST CSF Assessor, registered with the PCAOB, providing assurance services to over 800 clients in more than 48 states, Canada, Asia, and Europe. The firm has more than a decade of experience in information security and compliance assurance by performing assessments, audits, and tests that strengthen information security and internal controls. KirkpatrickPrice most commonly provides advice on SOC 1, SOC 2, PCI DSS, HIPAA, HITRUST CSF, GDPR, ISO 27001, FISMA, and CFPB frameworks. For more information, visit, follow KirkpatrickPrice on Twitter (@KPAudit), or connect with KirkpatrickPrice on LinkedIn.