CC6.4
Restricts physical access
SecurityN/ASecurity (Common Criteria)
Control description
AICPA Trust Services Criteria
The entity restricts physical access to facilities and protected information assets to authorized personnel.
Auditor test plan
How this is tested during the audit
N/A — Helio Software is fully remote and operates no data centers; production runs on AWS, whose SOC 2 report inherits this control.
Evidence
No evidence on file yet
No evidence attached
Upload at least one artifact before the audit window opens.
Last reviewed
—
Within 180-day window
Evidence on file
0
Owner
DF
Director, Facilities
Accountable for design + operating effectiveness
Status timeline
Recent control history
Last reviewed by Director, Facilities
0d ago
Marked N/A — out of scope
365d ago