Riskonnect, the leading provider of enterprise-wide risk management technology, announced it has successfully completed the Service Organization Control (SOC) 2 Type 2 audit.
“Completing the SOC 2 Type 2 audit demonstrates our ongoing commitment to security and emphasizes the investment we’ve made to keep our customers’ data safe,” commented Antonio Dabraio, Riskonnect co-founder and vice president of research and development.
Why is SOC 2 Type 2 Important?
It is vital for service providers to demonstrate that they have adequate controls of data protection technologies and processes. The SOC 2 Type 2 report puts strict audit requirements in place with a more meaningful audit standard than SSAE 16 SOC 1. The same audit report used by companies such as Google and Salesforce, SOC 2 validates the security of infrastructures and services.
“The certification sets Riskonnect apart from others in the ever-growing cloud environment. Riskonnect’s customers can be assured that the highest level of internal controls and security are established and maintained,” said Dabraio.
About SOC 2 Type 2
The Service Organization Control (SOC) 2 Report is performed in accordance with AT 101 and based upon the Trust Services Principles. The Trust Service Principles that SOC 2 is based upon are modeled around four broad areas: Policies, Communications, Procedures, and Monitoring. Each of the principles have defined criteria (controls) that must be met to demonstrate adherence to the principles and produce an unqualified opinion (no significant exceptions found during the audit).
The audit includes a full assessment of:
- Security: Data centers are protected against unauthorized access (both physical and logical).
- Availability: Data centers are available for operation and use as committed or agreed.
- Processing integrity: Processing is complete, accurate, timely and authorized.
- Confidentiality: Information designated as confidential is protected as committed or agreed.
- Privacy: Personal information is collected, used, retained, disclosed and destroyed in conformity with privacy principles issued by the American Institute of Certified Public Accountants (AICPA) and the Canadian Institute of Chartered Accountants (CICA).
Riskonnect is an innovator and the only global provider of enterprise-wide risk management technology solutions. Built on the world’s leading cloud platform, Riskonnect breaks down silos and unites the entire organization by providing a holistic view of risk management.
Through Riskonnect RMIS, Riskonnect GRC, Riskonnect Healthcare and Riskonnect Safety, the company provides specific and configurable solutions needed to reduce losses, control risk, and increase shareholder value. Riskonnect solutions are all connected, allowing users to easily navigate within the system to review, analyze and report on data from web-based interfaces that provide a single point of access for global organizations.
Riskonnect’s growing suite of risk management applications are built on a lightning fast, secure and reliable platform you can trust.