NEW YORK – March 3, 2017 – CASO Document Management is proud to announce that it has completed again the American Institute of Certified Public Accountants’ (AICPA) Service Organization Control (SOC) 2 Type 2 audit.
The certification involved the auditing of CASO’s controls that are in place relevant to:
· Security – The system is protected against unauthorized access (both physical and logical)
· Availability – The system is available for operation and use as committed or agreed
· Processing Integrity – System processing is complete, accurate, timely and authorized
· Confidentiality – Information designated as confidential is protected as committed or agreed
· Privacy – Personal information is collected, used, retained, disclosed and disposed of in conformity with the commitments in the entity’s privacy notice, and with criteria set forth in Generally Accepted Privacy Principles (GAPP) issued by the AICPA and Canadian Institute of Chartered Accountants. [The criteria in GAPP are the same as the criteria for the privacy principle in TSP section 100.] Use of a SOC 2SM.
SOC 2SM is the authoritative guidance that allows service organizations, such as CASO, to disclose its control activities and processes related to operations and compliance to its customers and its customers’ auditors in a uniform reporting format.
The SOC 2SM Type 2 Report includes a description of the security and availability processes of the organization and offers comprehensive reviews and tests of CASO’s controls.
Richard Tamaro, CASO’s CEO knows the certification goes a long way into showing CASO’s future and current customers that it provides the best service and security in the industry, “This is our second round of the SOC 2SM certification and it continues to allow CASO to ensure that our customers are getting the best document management solutions in the industry. CASO has long contended that it takes it’s responsibility of handling customers data seriously, and this certification only solidifies our dedication to customers first.”
CASO retained the services of The Moore Group to perform this audit.