Order.co, the world’s leading B2B Ecommerce Platform, announced that the company has undergone a System and Organization Controls (SOC) 2 examination resulting in a CPA’s report stating that management maintained effective controls over the security, availability, processing integrity, confidentiality, and privacy of its platform. This achievement reflects Order.co’s dedication to ensuring its customers’ data remains safe at every step of the ordering process.
“We’re pleased that our SOC 2 report has shown we have the appropriate controls in place to mitigate security risks,” said Glenn Veil, Vice President of Engineering at Order.co. “We hope that achieving this milestone gives our customers and partners confidence that we view data security as a top priority.”
A SOC 2 report is designed to meet the needs of existing or potential customers who need assurance about the effectiveness of controls used when processing their information. The engagement was performed by BARR Advisory, P.A., a global cybersecurity consulting and compliance attestation firm that has served as a trusted advisor to hundreds of cloud-based and hybrid organizations aiming to build trust and resilience through cybersecurity compliance.
“This SOC 2 Type 1 report affirms that Order.co has successfully designed controls over the selected trust services criteria developed by the American Institute of CPAs (AICPA) for effective data management,” said Sydney Buchel, manager of automation SOC services at BARR Advisory. “It’s a pleasure to work with a team that cares about data security and integrity as much as we do.”
The following principles and related criteria have been developed by the American Institute of CPAs (AICPA) for use by practitioners in the performance of trust services engagements:
- Security: The system is protected against unauthorized access (both physical and logical).
- Availability: The system is available for operation and use as committed or agreed.
- Processing Integrity: System processing is complete, valid, accurate, timely, and authorized to meet the entity’s objectives.
- Confidentiality: Information designated as confidential is protected as committed or agreed.
- Privacy: Personal information is collected, used, retained, disclosed, and disposed of to meet the entity’s objectives.
Based on one or more of these criteria, SOC 2 reports provide valuable information that existing and potential customers need when evaluating an outsourced service.
For more such updates, follow us on Google News Martech News