HTAP Summit 2024 session replays are now live!Access Session Replays
PingCAP completes SOC audits

We are pleased to announce that PingCAP has successfully completed its SOC 1, SOC 2, and SOC 3 audits. Reaching this milestone validates our continued commitment to complete SOC compliance. It also reaffirms our dedication to the highest standards of data security and operational control while meeting diverse customer audit needs.

What are SOC 1, SOC 2, and SOC 3 Audits?

The independent auditing firm, Schellman, conducted the SOC 1, SOC 2, and SOC 3 audits. Over an extended period, these comprehensive audits rigorously evaluated our internal controls and processes. The aim was to align with the strict standards set by the American Institute of Certified Public Accountants (AICPA). Specifically, the SOC audits examined various operational aspects like data handling, system availability, and security incident response.

Financial auditors and their clients use SOC 1 to assess the controls that might impact financial reporting. SOC 2 reports evaluate an organization’s controls related to areas such as security, availability, processing integrity, and confidentiality of customer data. Moreover, these controls are relevant for any business providing customer information or data processing services. SOC 3 is a publicly-accessible version of SOC 2.

What Do These Audits Mean to You?

The SOC audit report demonstrates that PingCAP has robust control mechanisms in place to safeguard the interests of our customers. Specifically, successfully passing these audits highlights our steadfast commitment to transparency, accountability, and industry best practices.

“We’re delighted to have successfully passed these audits,” said Ed Huang, Co-founder and CTO of PingCAP. “In a time of evolving cyber threats and rising data breaches, it’s paramount that companies take necessary steps to protect their customers’ data. At PingCAP, we wholeheartedly commit to the highest security standards for our customers.”

Beyond SOC Audits: ISO27001 and HIPAA Compliance

In addition to the SOC audits, PingCAP is also ISO27001 certified. This international standard outlines the criteria for creating and maintaining a robust Information Security Management System (ISMS). Earlier this year, we also released our HIPAA white paper, further showcasing our dedication to meeting the specific needs of our clients from the healthcare industry.

Each framework or standard addresses different information security and data privacy aspects tailored to specific industries or needs. We will continue to reach for the highest standards to provide the most secure products and services to our customers.

Finally, for a downloadable SOC 3 report and more details, please visit our Trust & Compliance Center page.


Spin up a Serverless database with 25GiB free resources.

Start Right Away

Have questions? Let us know how we can help.

Contact Us

TiDB Cloud Dedicated

A fully-managed cloud DBaaS for predictable workloads

TiDB Cloud Serverless

A fully-managed cloud DBaaS for auto-scaling workloads