What is SOC 2 compliance?
The American Institute of Certified Public Accountants (AICPA) has established a set of guidelines called Service Organization Control (SOC) Reports. The purpose of the guidelines is to set a standard by which companies must have in place a strict series of tested internal controls built on data, IT infrastructure, and building security.
There are 5 key factors that the AICPA has identified as imperative to achieving compliance
- Security: The system is protected, both logically and physically, against unauthorized access, use or modification.
- Availability: The system is available for operation and use as committed or agreed to.
- Processing Integrity: System processing is complete, valid, accurate, timely, and authorized.
- Confidentiality: Information that is designated “confidential” is protected as committed or agreed.
- Privacy: Personal information is collected, used, retained, and disclosed in conformity with the commitments in the entity’s privacy notice and with the privacy principles put forth by the AICPA.
What does having SOC 2 mean to the TGI clients?
The SOC 2 compliance provides our clients with the confidence that TGI has control systems, infrastructure, and security policies that will safeguard their data.
- The clients data is secure and protected within a controlled environment
- Every time a company outsources a function that requires data to be collected, processed, transmitted, stored, organized, maintained or dispose of they should ask the vendor about how their data will be managed.
- Reduce risk – less vulnerable
- Trust factor
When did TGI become SOC 2 Compliant?
In July 2015, 360 Advanced, a certified accounting and technology audit services organization granted TGI SOC 2 compliance