A Service Organization Controls (SOC) report is a way to make sure a company is following important rules about keeping data safe, private, and available. These reports are created by independent third-party auditors and help customers or partners check if there are any risks in working with a company.
Gusto’s reports focus on Security, Availability, and Confidentiality and can be accessed by prospects, current customers, and past customers.
Use the dropdowns below to learn more. Use CMD + F (or CTRL + F) to search for words in the article.
Gusto supports these reports for prospects, current customers, and past customers:
You'll need to sign a Non-Disclosure Agreement (NDA) before you can download the reports.
You'll need to sign a Non-Disclosure Agreement (NDA) before you can download the reports.
NDA already signed (within last year)
If you already signed an NDA in the last year, you should have access to the Gusto Security Trust Center. If you do not have access, request access at the top of trust.gusto.com.
NDA needs to be signed
If approved, you'll get an email from Vanta ([email protected]) to access the Trust Center. If an NDA has not been signed, you'll need to sign one before accessing the documents further.
Full-calendar year reports
Gusto’s SOC reports sometimes cover from March of the previous year to February of the current year.
To cover a full calendar year, request a "SOC2 type 2" report for the missing period from the previous year's report (e.g., Jan–Mar '24).