Ballard & Tighe, Publishers Completes SOC 2 Type 1 Examination
SOC 2 is a standard defined by the American Institute of Certified Public Accountants (AICPA) as a way of reporting how businesses handle protective data. It’s widely adopted throughout many industries as a standard way of reporting on computer system and data security, verified through independent audit. The audit report focuses on five key areas, called Trust Services, of a business’s computer systems and operations:
- Security - Verifying the system is protected against unauthorized access, use, or modification to meet the entity’s commitments and system requirements.
- Availability - Verifying the system is available for operation and use to meet the entity’s commitments and system requirements.
- Processing Integrity - Verifying the system processing is complete, valid, accurate, timely, and authorized to meet the entity’s commitments and system requirements.
- Confidentiality - Verifying that information designated as confidential is protected to meet the entity’s commitments and system requirements.
- Privacy - Verifying personal information is collected, used, retained, disclosed, and disposed to meet the entity’s commitments and system requirements.
Simply put, it means that you can work with or partner with Ballard & Tighe knowing that we take your data security seriously. Type 1 SOC 2 certification means that we have a deep understanding of the security issues involved, and have taken all reasonable steps towards establishing and maintaining that security.
This attestation provides evidence that Ballard & Tighe has a strong commitment to deliver high quality services to its clients and the security of their critical data and information. The SOC 2 (Service Organization Control for Service Organizations) evaluates applicants in five categories within the Trust Services Criteria of the American Institute of Certified Public Accountants:
The audit report provides a thorough review of how Ballard & Tighe internal controls affect the security and availability of the systems it uses to process users’ data and the privacy of the information processed by these systems. We feel strongly that this standard of compliance is what our customers and partners should expect, and we are making every investment to establish and maintain the highest level of security and compliance.
Going forward, we will perform a SOC 2 examination on an annual basis in order to demonstrate our ongoing commitment to safeguarding your data and confidentiality.