AxiomSL, the leading provider of regulatory reporting and risk management solutions, today announced completion of The Service Organization Control (SOC) 2 Type II audit of RegCloud that confirmed the effectiveness of the firm’s internal controls for compliance and data protection.
Deloitte completed the audit in compliance with the Trust Principles outlined by the American Institute of Certified Public Accountants (AICPA), which issues the SOC 2 attestation now widely recognized as the industry de facto standard for assurance on a service organization’s controls relevant to security, availability, and processing integrity of all systems related to information technology.
The audit of AxiomSL’s RegCloud covered the security Trust Principle, the required category for SOC 2 attestation, as well as the optional availability, processing integrity, confidentiality and privacy categories.
AxiomSL voluntarily elected to be examined across all five principles to provide financial institutions with the most comprehensive view possible of the security of its internal processes, ultimately easing the burden clients face in ensuring service providers are securely managing their data.
“Vendor risk management is an important part of overall enterprise risk needs, and we are proud to be one of the few firms that have voluntarily chosen to comply with all five Trust Principles in the completion of our SOC 2 audit,” said Aaron Slutsky, AxiomSL’s chief security officer.
“We are resolute in our commitment to providing clients with the utmost transparency and trust in the solutions we offer and are proud to have had every aspect of our internal operations validated by the SOC 2 review.”
The completion of this audit extends AxiomSL’s commitment to meeting the highest standards of information security, having this year received ISO/IEC 27001:2013 certification (known as ISO 27001), which validates the effectiveness of the firm’s security operation related to risk management, development, HR, third-party risk and other areas.
The combination of the SOC 2 attestation with the ISO 27001 certification allows AxiomSL clients to have the highest confidence in entrusting the firm with the protection of their highly sensitive data in the cloud.
“Receiving the SOC 2 attestation provides a huge value for our clients who otherwise are spending a significant amount of time and resources to verify that the internal controls implemented in their vendors’ data management processes are on par with their own enterprise risk management needs,” continued Slutsky.