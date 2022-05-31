RiskBusiness Services Limited, the leading provider of governance, risk, audit, compliance, and content SaaS (Software-as-a-Service) solutions, announced today that it has completed a Service Organization Control 2 Type 2 (SOC 2) audit, as defined by the American Institute of Certified Public Accountants (AICPA). Achieving SOC 2 compliance allows RiskBusiness to demonstrate the security and service controls it uses to protect customer data and provides those customers with comfort that the company is aligning with the highest level of security controls for its cloud-based services.

SOC 2 – introduced by the AICPA in 2009 – defines five Trust Service Principles, which may be used by software-as-a-service vendors to demonstrate the security, privacy and transaction processing controls they use to protect customer data in cloud-based offerings.

The specific Trust Services Principles that RiskBusiness is addressing cover:

security – related to the safe and secure storage of customer data including protections against unauthorized access.

availability – focuses on the availability of the service

processing integrity – ensuring that data processing operations are being complete, accurate, timely, and valid

confidentiality – sets policy on the protection of data deemed confidential

privacy – refers to how personal information is collected, used, retained,

Mike Finlay, CEO and Chief Product Architect, RiskBusiness, states: “In an online world where cybersecurity hacks, data leaks and personal data misuse is headline news, we feel it is essential to demonstrate our data security and privacy leadership in a practical way through the investment we have made, and will continue to make, in attaining and maintaining SOC 2 compliance. As a company that tracks and understands commercial risk threats, we are delighted to be working with the AICPA on mitigation of these key data access, processing, storage and usage risks.”

The SOC 2 compliance that RiskBusiness has implemented effective immediately across all of the company’s applications, means that customers can benefit from increased security protocols without the need to make changes to their own processes and policies. The SOC 2 accreditation supersedes RiskBusiness’ existing SOC 1 Type 2/ISAE3402 accreditation.