Levels FYI Inc.

High risk

Levels.fyi helps employees and employers determine their compensation.

High risk. Significant audit integrity concerns detected. Recommend obtaining an independent compliance assessment before vendor engagement.

Grade: D

Dimensions

Scored across governance, coverage, security, and transparency.

Flagged signals

40% of all recorded signals are negative.

Observation period

August 29, 2025 - November 29, 2025

1 audit report referenced.

Trust score

Grade D • High risk

38%

Primary concern

Audit database match

Strongest signal

Web presence

Signal composition

Flags

Neutral

Positive

Analysis

Weighted score breakdown

Contribution shows approximate points each dimension adds to the overall score.

Analysis

Audit Integrity

Impact:HighWeight 35%

15 / 100

5.3 pts contribution

Compliance Coverage

Impact:MediumWeight 25%

35 / 100

8.8 pts contribution

Infrastructure & Security

Impact:MediumWeight 20%

80 / 100

16 pts contribution

Transparency & Governance

Impact:MediumWeight 20%

40 / 100

8 pts contribution

Signal distribution by dimension

Shows where risk evidence is concentrated across the audit dimensions.

Audit Integrity

3 signals

Flags 3

Neutral 0

Positive 0

Compliance Coverage

2 signals

Flags 0

Neutral 2

Positive 0

Infrastructure & Security

3 signals

Flags 0

Neutral 0

Positive 3

Transparency & Governance

2 signals

Flags 1

Neutral 1

Positive 0

Highlights

Top risks

Audit database match

Company found in leaked database of template-based audit reports

Audit Integrity

Type 2 report flagged

Type 2 reports require observation period testing - template usage is more concerning here

Audit Integrity

Auditor credibility

Audit performed by firm flagged for systematic template reuse

Audit Integrity

Positive indicators

Web presence

Company maintains a public website

Infrastructure & Security

Transport encryption

Website configured with HTTPS

Infrastructure & Security

Cloud infrastructure

Hosted on AWS - enterprise-grade infrastructure with native security controls

Infrastructure & Security

Details

Company details

Website: levels.fyi
Legal name
Observation period: August 29, 2025 - November 29, 2025
Report types: SOC 2 Type 2
Infrastructure: AWS

Assessment notes

Public footprint

Public website and branded presence are available for validation.

Coverage view

4 scored dimensions with 10 supporting signals were analyzed.

Analyst takeaway

High risk. Significant audit integrity concerns detected. Recommend obtaining an independent compliance assessment before vendor engagement.

Evidence

Dimension evidence

Detailed evidence behind each dimension score and its underlying signals.

Audit Integrity

Impact: HighScore: CriticalWeight: 35% • Signals: 3

15 / 100

Signals (3)

Flag
Audit database match
Company found in leaked database of template-based audit reports
Flag
Type 2 report flagged
Type 2 reports require observation period testing - template usage is more concerning here
Flag
Auditor credibility
Audit performed by firm flagged for systematic template reuse

Compliance Coverage

Impact: MediumScore: HighWeight: 25% • Signals: 2

35 / 100

Signals (2)

Info
Single framework
SOC 2 report found, from a flagged source
Info
Report recency
Reports dated within Jan-Dec 2025 observation window

Infrastructure & Security

Impact: MediumScore: LowWeight: 20% • Signals: 3

80 / 100

Signals (3)

Good
Web presence
Company maintains a public website
Good
Transport encryption
Website configured with HTTPS
Good
Cloud infrastructure
Hosted on AWS - enterprise-grade infrastructure with native security controls

Transparency & Governance

Impact: MediumScore: HighWeight: 20% • Signals: 2

40 / 100

Signals (2)

Info
Service description available
System description found in audit reports
Flag
Exception reporting
Zero exceptions reported across all audit periods - statistically improbable, suggests inadequate testing

Explore