Partners & Certifications
Documented, not just badged.
Certifications and partner-tier letters are reviewed against each vendor and issuing body's program requirements. Documentation is released to qualified clients and reviewers under NDA via the Trust Center — typically within five business days of request.
Security Certifications
ISO/IEC 27001
Information Security Management
Information security management system aligned to ISO/IEC 27001:2022. Certificate, scope statement, and Statement of Applicability available under NDA via the Trust Center.
SOC 2 Trust Services Criteria
AICPA framework
Controls operated against AICPA Trust Services Criteria (security, availability, confidentiality, privacy). Attestation report and bridge letters released under NDA.
Technology Partnerships
Microsoft platform
Solutions Partner program
Full-stack Microsoft expertise: Azure infrastructure, Microsoft 365, Entra ID, Defender XDR, Sentinel. Engineers hold individual Microsoft certifications including 365 Enterprise Administrator Expert and Identity and Access Administrator. Partner-tier letter under NDA.
AWS platform
Technology Partner program
Engineers hold individual AWS certifications across Solutions Architect, DevOps, and Security specialties. Partner-tier letter under NDA.
Cisco platform
Partner Program
Networking, security, and collaboration deployment credentials. Meraki, Catalyst, Umbrella, and Secure Firewall product specialization. Partner-tier letter under NDA.
3CX platform
Authorized partner
Authorized to deploy, manage, and support 3CX phone systems and unified communications. Available at efros.com/services/3cx. Partner-tier letter under NDA.
Frameworks we operate against
We design, operate, and evidence controls against the regulatory and industry frameworks below. Most clients only need 3 to 5 of these. We're fluent across all of them, so you don't end up choosing your compliance program based on what your vendor can handle.
Frequently Asked Questions
Does EFROS hold a SOC 2 attestation?
EFROS operates an information security management system aligned to the AICPA SOC 2 Trust Services Criteria. The attestation report, bridge letters, and scope statement are released to qualified clients and their auditors under NDA via the Trust Center.
What ISO standards does EFROS operate against?
EFROS operates against ISO/IEC 27001 for information security management, plus aligned controls against ISO 27017 (cloud security), ISO 27018 (PII in cloud), and ISA/IEC 62443 for industrial/OT environments. Certificate and Statement of Applicability are released under NDA via the Trust Center.
What is EFROS's Microsoft partner tier?
EFROS engineers hold individual Microsoft certifications including Microsoft Azure Solutions Architect Expert, Microsoft 365 Enterprise Admin, and Defender/Sentinel specializations. Vendor partner-tier documentation is released to qualified reviewers under NDA via the Trust Center.
How is trust documentation kept current?
Certificates are renewed on their respective audit cycles. Partner-tier letters are reviewed annually against each vendor's program requirements. Individual engineer certifications follow each issuing body's recertification cycle. The Trust Center catalogues what's available; specific files are sent on request within five business days.
Can EFROS share documentation for our vendor risk review?
Yes. SOC attestation, ISO certificate, penetration testing summary, sub-processor list, insurance certificates, and standard vendor questionnaire responses (CAIQ, SIG Lite, HECVAT) are shared under NDA. Email [email protected] or call +1 (765) 888-8888.
Need our certifications for your vendor review?
We share our SOC 2 Type II report, ISO 27001 certificate, and partner attestations on request. Send us an email and your vendor risk team will have them the same day.
Request Documentation