Preqin Solutions has received a SOC 2 Audit Certification from Kahn, Litwin, Renza & Co; providing further assurance that it is maintaining the highest standards of data confidentiality and security. SOC2 is designed specifically to address the controls and operations of service providers who store customer data in the cloud.
Achieving SOC 2 compliance means you have established strict processes and practices around information security and are adhering to these with the necessary oversight across your organization — for example: that you are monitoring unusual system activity, authorized and unauthorized system configuration changes and user access levels.
“A barrier for companies to adopt the cloud are concerns surrounding security and data privacy. Adoption of these security standards and protocols makes CIOs and CSOs much more confident about using SaaS solutions” said Corina Grigore, Preqin Solutions Senior Project Manager, who led the certification project.
Danielle Pepin, VP and Head of Global Consulting, states that “SOC 2 Type I certification helps assure our customers that, with Preqin Solutions, their data is secure and with an established vendor which has implemented data privacy and security controls. Receiving this confirmation from an independent source further solidifies us as a leader in Portfolio Management for Private Capital Markets.”
About SOC 2 Type I
SOC2 Report is performed in accordance with AT 101 and based upon the Trust Services Principles. The Trust Service Principles which SOC 2 is based upon are modelled around four broad areas: Policies, Communications, Procedures and Monitoring. Each of the principles has defined criteria (controls) which must be met to demonstrate adherence to the principles and produce an unqualified opinion (no significant exceptions found during the audit).
The audit includes a full assessment of:
- Security: Data centers are protected against unauthorized access (both physical and logical).
- Availability: Data centers are available for operation and use as committed or agreed.
- Processing integrity: Processing is complete, accurate, timely and authorized.
- Confidentiality: Information designated as confidential is protected as committed or agreed.
- Privacy: Personal information is collected, used, retained, disclosed and destroyed in conformity with privacy principles issued by the American Institute of Certified Public Accountants (AICPA) and the Canadian Institute of Chartered Accountants (CICA).
Trust principles predefine the criteria businesses must meet, making it easier for business owners to know what compliance needs are required and for users of the report to read and assess the adequacy.
For more information about SOC 2 audits, see the American Institute of Certified Public Accountants website.