The Routing Company Achieves SOC 2 Type 2 Compliance
December 6, 2024 – New York, New York, USA: The Routing Company (“TRC”), a global on-demand vehicle routing and management platform, proudly announces its achievement of SOC 2 Type 2 compliance, reinforcing its commitment to data security, operational excellence, and partner trust. This milestone highlights TRC’s unwavering dedication to safeguarding transit agencies’ sensitive information while enabling seamless, innovative mobility solutions.
SOC 2 compliance is a rigorous auditing standard developed by the American Institute of Certified Public Accountants (“AICPA”). It certifies that an organization adheres to strict criteria in managing data securely to protect the interests of its clients and users. The certification encompasses key areas including security, availability, processing integrity, confidentiality, and privacy. It is considered one of the most comprehensive and prestigious data security accreditations available, and achieving it positions TRC among global technology leaders in data protection.
Specifically, SOC 2 Type 2 audits the design and operating effectiveness of an organization’s controls (in comparison to SOC 2 Type 1 compliance, which audits only the design of an organization’s security controls).
A Commitment to Data Safety and Trust
“As transit agencies increasingly rely on technology to meet the demands of modern mobility, the importance of secure and reliable systems cannot be overstated,” said James Cox, Chief Executive Officer, TRC. “Achieving SOC 2 compliance demonstrates that TRC not only delivers cutting-edge technology but does so with the highest level of integrity and accountability. This is a significant milestone for our company and our partners.”
SOC 2 compliance ensures that TRC’s partners – public transit agencies, paratransit operators, and microtransit providers – can trust its systems to manage sensitive operational and rider data with unmatched security. It also affirms TRC’s ability to mitigate risks associated with cybersecurity threats and system vulnerabilities.
Raising the Bar for Transit Technology Providers
“Earning SOC 2 compliance is not merely a milestone; it is a testament to the collective dedication of our entire team to protect our partners’ and riders’ data and maintain a high availability of our service,” said Benjamin Susman, Vice President of Engineering at TRC, who led the compliance process. “Achieving this certification required months of meticulous audits, stringent adherence to controls, and the deployment of advanced security protocols. With this achievement, TRC not only meets but exceeds industry standards for secure operations. For our partners, this translates to peace of mind and a commitment to excellence that drives our shared mission of transforming transit.”
The Scale and Significance of SOC 2 Compliance
SOC 2 compliance is increasingly recognized as a prerequisite for organizations handling sensitive data, quickly becoming the de facto standard for demonstrating robust data security practices in the U.S. market. Adherence to compliance standards and external audits are increasingly important given the average cost of a data breach exceeds 4 million dollars annually and the cost of unavailability can damage both the revenue and trust of any organization and its partners.
Most businesses responsible for managing sensitive customer data are expected to be SOC 2 compliant in the near future. Notable organizations holding SOC 2 certification include cloud computing pioneers, financial institutions, and major tech platforms – aligning TRC with leaders in operational security and accountability.
Why SOC 2 Compliance Matters
- For Transit Agencies: SOC 2 compliance provides assurance that their data is managed in a secure and ethical manner, reducing the risk of breaches and ensuring compliance with industry regulations.
- For Riders: It ensures that sensitive personal data, such as ride history and payment information, is protected from unauthorized access.
- For the Industry: TRC’s achievement raises the bar, underscoring the necessity for all technology suppliers to transit agencies to prioritize security and compliance.
A Leader in Secure, Scalable Transit Solutions
TRC has a proven track record of delivering transformative transit solutions through its Pingo platform – which includes the Drive Pingo™ and Ride Pingo™ apps and the Pingo Dashboard™ operations tool – and integrating on-demand, paratransit, shuttle, flex, and fixed-route services into a seamless experience.
By achieving SOC 2 compliance, TRC enhances its ability to empower agencies with innovative solutions that are not only efficient but also secure. Pingo™ has powered over two million trips to date, helping agencies deliver efficient, flexible, and scalable transit services.
TRC’s commitment to enabling safe, secure, and straightforward on-demand procurements carries through its multiple resources for prospective partners, including its recent On-Demand Transit Buyer’s Guide. An industry first, the guide outlines 15 critical considerations for designing, testing, and launching on-demand transit services – ultimately explaining what agencies need to future-proof their transit systems. The guide is available for download on the APTA Knowledge Hub.
For more information on The Routing Company’s solutions and its commitment to excellence, visit theroutingcompany.com.
About The Routing Company
The Routing Company (“TRC”) is a global technology provider pioneering smart, sustainable, and accessible transit solutions. Built on MIT research, its Pingo platform enables transit agencies and operators to optimize shared rides, increase accessibility, and reduce costs while ensuring the highest standards of safety and security.
Media Inquiries
Lindy Norris
Vice President, Marketing & Policy
Investor Inquiries
James Cox
Chief Executive Officer
