his is a benchmark accomplishment for ChainSys that proves our organization is dedicated to keeping customer information secure, confidential and highly available. For an innovator in the cyber risk SaaS space, data security is critical. His accomplishment demonstrates that our processes, procedures and controls are in compliance with the applicable Trusted Services Principles and Criteria set by AICPA.
The audit was performed which included a review of ChainSys’s controls related to security, availability, processing integrity, confidentiality, and privacy, based on the Trust Services Criteria (TSC) of the American Institute of Certified Public Accountants (AICPA). The report ensures that the system is designed and implemented to meet the following criteria:
This achievement marks an important milestone in the deployment of ChainSys. Our team designed ChainSys to meet the needs of corporate data protection, building all facets of security—encryption, identity management, role-based access control, and compliance data.
System and Organization Controls (SOC) 2 is a widely recognized attestation of security compliance defined by the AICPA and is considered the standard for ensuring data security and operational maturity. A SOC 2 certification provides valuable information for companies to assess the quality of the security provided by the organization.
Many companies have high requirements for technology vendors, especially SaaS vendors. When we meet with potential customers, they often have many questions about our policies and procedures, including securing data, controlling access, and tracking and responding to incidents. Our SOC 2 Type 1 certification report provides detailed answers to these questions and facilitates the security approval process with these customers.
During a SOC 2 audit, the auditor validates the presence of the organization’s description and the sustainability of the design of control activities against the selected Trust Services Criteria (TSC): security, availability, confidentiality, privacy, and process integrity. This report will also include management’s description of a service organization’s system, including service commitments, system requirements, and the suitability of the controls’ design.
We have started working toward our next milestone: achieving SOC 2 Type 2 compliance, which will be based on what we have already attained with our Type 1 certification. Attaining the SOC 2 Type 2 certification will ensure that our customers’ trust in us remains intact. Customers should be confident that their data is safe and secure.
A copy of ChainSys SOC 2 Type 1 certification report is available to current and potential users under NDA upon request.
