Trust assurance among employees, customers and vendors has become increasingly important as more companies digitize their business processes and move to the cloud. While this new technology helps streamline your operations, it also takes away some of your control.
SOC 2 Type II Certification is designed to address this – providing customer confidence. as well as incident impact minimization and streamlined compliance. The rigorous requirements ensure that sensitive information is being handled responsibly, including process monitoring, encryption control, intrusion detection, user access authentication and disaster recovery.
The 5 Trust Principles on an SOC 2 Audit
The SOC 2 Type II Report is critical in data and document management – providing assurance that your private business data will be kept secure while in the hands of another service organization. It specifically reviews a company’s processes and procedures relative to the AICPA’s 5 trust principles:
Security
Ensures proprietary systems are protected against unauthorized access – including Network Application/Firewalls, Two-factor Authentication and intrusion Detection.
Confidentiality
Ensures agreements are in place regarding use, access, and protection of customer and client information – including Encryption, Access Controls, and Network Application/Firewalls.
Availability
Ensures that services provided are operating with the expected, agreed upon availability – including Performance Monitoring, Disaster Recovery and Security Incident Handling.
Processing Integrity
Ensures that any services provided by a firm are done so in a complete, authorized, accurate, and timely manner, as stated in the user agreement.
Privacy
Ensures client and customer personal information is properly collected, used, retained, disclosed, and disposed of – including Access Control, Two-Factor Authentication and Encryption.
SOC II for Document & Records Management
Trust security is essential in all aspects of document and records management, including organizational oversight, vendor management and customer interaction.
CASO Document Management (CDM) has been recertified as SOC 2 Type II, marking its 8th consecutive certification of the System and Organization Controls (SOC) 2 Type II standards as defined by The American Institute of Certified Public Accountants (AICPA).
SOC 2 compliance covers the general organizational and information technology controls for all services provided by CDM regardless of size, scope, industry, department or project, including:
Quite simply, SOC 2 Type II is the most robust certification a document management company can earn. It is the best way to ensure you’ve completed due diligence regarding the confidential handling of your documents while in their facility.
Get a Copy of the Report
Before choosing a document management partner, ask to see their SOC 2 Report, visit their facility and see their processes in action. There is simply no better way to ensure your company’s information security for ultimate peace of mind.
To learn more about SOC 2 and CDM data security, contact us today!
“The CDM team has been exceptional. They completed the work faster and cheaper than we could have, and have always accommodated our needs. It is a pleasure working with them.”
Richard Ajimati – SUNY Downstate Medical Center
Contact Us
Fill out the form below to get in touch with us. We’ll get back to you right away.