A declaration by an independent, third-party auditor that it has reviewed the organization’s records and determined that the organization meets certification standards such as SOC 2 or ISO 27001.