CORAA stores some of the most sensitive data a Chartered Accountancy firm holds — client ledgers, board minutes, related-party schedules, MIS, tax workings. This page documents how we protect it, and the regulatory regime that backs the commitments.
The six commitments below cover what we do with your data, and what we do not do. Detailed sub-processor list, technical and organisational measures, security questionnaires, and incident transparency log live at trust.coraa.ai.
We support the standard CA-firm and enterprise procurement workflow — security questionnaires, ISO 27001 report under NDA, and due-diligence calls with your IT / IS team. SOC 2 Type II will be added when the audit closes.