Scheer IMC achieves first SOC 2 report from independent auditor
Saarbrücken, May 2026
Scheer IMC has successfully completed its first SOC 2 audit and received a corresponding report from an independent auditor. The result marks an important milestone in the company’s ongoing efforts to strengthen information security, demonstrate operational reliability, and provide customers with additional transparency around security controls.
Independent validation of security processes
While ISO 27001 confirms that an organisation has established and implemented a structured Information Security Management System, SOC 2 goes one step further in practical verification. The audit is evidence-based and assesses whether defined security controls are consistently followed in day-to-day operations.
For Scheer IMC, this meant providing detailed proof across 127 controls, resulting in more than 190 individual control checks due to overlapping requirements. The outcome was especially strong: more than 190 controls were assessed with “No deviation noted”, with only one instance of “Deviation noted”.
“This result shows that our security processes are not only defined, but also work in practice,” said Roman Muth, CTO, Scheer IMC. “It is an important achievement for the entire organisation and a strong foundation for the next stage of our compliance journey.”
A strong basis for the next audit phase
The completed audit was conducted as a SOC 2 Type 1 report, meaning that controls were assessed at a specific point in time. The next step will be a Type 2 report, which evaluates the effectiveness of those controls over a longer period and requires continuous evidence throughout the year.
This makes ongoing documentation and close coordination across teams increasingly important, especially where processes evolve or are further consolidated. A risk-based approach and consistent evidence collection will therefore remain key success factors.
What SOC 2 means for customers
The new SOC 2 report further reinforces Scheer IMC’s commitment to secure, trustworthy and enterprise-ready learning technology. Access to the report is intended for customers only and is managed through a dedicated request process.
With this milestone, Scheer IMC continues to build the foundation for scalable, transparent and reliable security standards across its solutions and services.
