Magic Software Receives SOC 2 Type II Certification for Cloud Control Validation

Magic Software Japan Corporation, based in Shinjuku, Tokyo, has announced that its parent company, Magic Software Enterprises (NASDAQ: MGIC), has successfully obtained a SOC 2 Type II report. This report, compliant with the standards set by the American Institute of Certified Public Accountants (AICPA), affirms the company's internal controls for cloud services on a global scale.

The company maintains its certification in the International standard for Information Security Management Systems (ISMS) with ISO 27001, and this latest achievement underscores the effective functioning of internal controls for its globally operated cloud infrastructure, as validated by an independent third-party auditing firm.

Significance of the Achievement

Magic Software Enterprises has been providing enterprise-level integration platforms for over 40 years across more than 50 countries. In Japan, the company operates managed services leveraging its robust cloud infrastructure. The SOC 2 Type II audit assessed whether the internal controls are properly functioning over a defined period, evaluating aspects such as security, availability, and confidentiality.

Benefits for Japanese Customers

The SOC 2 Type II report, alongside the ISO 27001 certification, specifically concerns the cloud infrastructure and management system operated and provided by Magic Software Enterprises on a global scale. For customers in Japan utilizing the company's managed services, the internally controlled environment is now applicable, offering several key advantages:

- Efficiency in Audit Compliance: For financial institutions and publicly-listed companies that require confirmation of their outsourcing partners' internal controls, leveraging the internationally recognized SOC 2 report enables transparent information provision, thereby streamlining audit response processes.

- Enhanced Security Framework: Underpinned by the ISO 27001 certification and a verified cloud operation process, clients can confidently engage in data integration and collaboration.

- Support for Global Compliance: In data integration projects that include overseas ventures, the establishment of a unified governance framework based on international standards is facilitated.

Understanding SOC 2 Type II

SOC 2, which stands for Service Organization Controls 2, establishes a framework by which the internal controls of service organizations can be evaluated in accordance with the “Trust Services Criteria.” In this audit, the effectiveness of internal controls was assessed based on five criteria:

1. Security: Protecting against unauthorized access and system failures.
2. Availability: Ensuring service levels are maintained consistently.
3. Processing Integrity: Ensuring accurate and timely data processing.
4. Confidentiality: Protecting designated information appropriately.
5. Privacy: Managing personal information properly.

Unlike SOC 2 Type I, which evaluates controls at a specific point in time, Type II assesses whether controls have been effectively operational over a significant period (typically over six months).

Comments from President Toshio Sato

Toshio Sato, President of Magic Software Japan, commented, “There is an increasing demand for reliability and transparency concerning cloud services in the Japanese market. The receipt of the SOC 2 Type II report by our parent company reinforces our managed service infrastructure backed by global standards of internal controls, enabling our Japanese clients to utilize our services with greater assurance. We will continue to fuse our global insights with local support to help clients evolve their valuable assets into a safer and smarter cloud future.”

This report pertains to the cloud services and management systems offered and operated by Magic Software Enterprises. In Japan, these apply to the managed services within the cloud infrastructure being overseen by the parent company.

About Magic Software Japan Corporation

Magic Software Japan is a wholly-owned subsidiary of Magic Software Enterprises (NASDAQ: MGIC), with a business network extending across over 50 countries globally. The company operates locations in major cities such as Tokyo, Sapporo, Sendai, Nagano, Nagoya, Osaka, Okayama, Hiroshima, and Fukuoka, collaborating with more than 800 partners nationwide. It provides solutions and services centered around the low-code development tool “Magic xpa” and the data integration platform “Magic xpi.”

Overview of Business Activities

- Procurement, production, and sales of the application platform “Magic xpa”
- Procurement, production, and sales of data integration solutions “Magic xpi”
- Professional services including training and support for tool products, assistance for related projects, and commissioned development of application systems.