Achieving SOC 2 compliance means RiskBusiness customers know that the applications they rely on comply with the highest security and privacy standards
London, England, MAY 31 — RiskBusiness Services Limited, the leading provider of governance, risk, audit, compliance, and content SaaS (Software-as-a-Service) solutions, announced today that it has completed a Service Organization Control 2 Type 2 (SOC 2) audit, as defined by the American Institute of Certified Public Accountants (AICPA). Achieving SOC 2 compliance allows RiskBusiness to demonstrate the security and service controls it uses to protect customer data and provides those customers with comfort that the company is aligning with the highest level of security controls for its cloud-based services.
SOC 2 – introduced by the AICPA in 2009 – defines five Trust Services Principles, which software-as-a-service vendors may use to demonstrate the security, privacy and transaction processing controls they use to protect customer data in cloud-based offerings.
The specific Trust Services Principles that RiskBusiness is addressing cover:
∙ security – related to the safe and secure storage of customer data including protections against unauthorized access.
∙ availability – focuses on the availability of the service
∙ processing integrity – ensuring that data processing operations are complete, accurate, timely, and valid
∙ confidentiality – sets policy on the protection of data deemed confidential
∙ privacy – refers to how personal information is collected, used, retained,
Mike Finlay, CEO and Chief Product Architect, RiskBusiness, states: “In an online world where cybersecurity hacks, data leaks and personal data misuse are headline news, we feel it is essential to demonstrate our data security and privacy leadership in a practical way through the investment we have made, and will continue to make, in attaining and maintaining SOC 2 compliance. As a company that tracks and understands commercial risk threats, we are delighted to be working with the AICPA on mitigation of these key data access, processing, storage and usage risks.”
The SOC 2 compliance, which RiskBusiness has implemented effective immediately across all of the company’s applications, means that customers can benefit from increased security protocols without the need to make changes to their own processes and policies. The SOC 2 accreditation supersedes RiskBusiness’ existing SOC 1 Type 2/ISAE 3402 accreditation.
About RiskBusiness Services Limited
RiskBusiness is an international governance, risk, audit and compliance (GRAC) solution provider, delivering risk content, risk intelligence, risk tools and risk advisory services to its clients. It is an association of like-minded industry professionals, who have the aim of furthering the risk management discipline to enable better risk-reward decision making.
Risk management is a continuously evolving discipline, which requires individual firms within the industry to continuously re-evaluate their own practices and tools. RiskBusiness has, both as individuals and collectively, a depth of established relationships with leading players and regulators in the operational risk field and is thus ideally placed to assist industry participants with their evolving needs and requirements. We are also active participants in industry working groups and contribute thought leadership through publications and education.
RiskBusiness was founded in 2003 and today has principal locations in Birmingham, London, Buenos Aires, Amsterdam, Hong Kong, New York, Singapore, Toronto, and Zurich. For more information, visit https://riskbusiness.com.