Data is now the world’s most valuable asset. We see every day how it empowers smarter and safer investment decisions and how the consequences of poorly managed data can be catastrophic.
To encourage accountability and security amongst outsourced data vendors, the American Institute of CPAs initiated the SOC 2 audit, which measures criteria across five “trust principles”: privacy, security, availability, processing integrity and confidentiality. dv01 is happy to announce we’ve successfully passed our SOC 2 Type 2 audit. This attestation provides evidence of our strong commitment to deliver high quality services to our clients by demonstrating the necessary internal controls and processes are in place.
SOC 2 engagements are based on the AICPA’s Trust Services Criteria. SOC 2 service auditor reports focus on a service organization’s non-financial reporting controls as they relate to security, availability, processing integrity, confidentiality, and privacy of a system. KirkpatrickPrice’s service auditor report verifies the suitability of the design and operating effectiveness of dv01’s controls to meet the standards for these criteria.
dv01 selected the security and confidentiality categories for the basis of their audit. The Security Criteria (also known as common criteria) must be included in any non-privacy SOC 2 engagement as it refers to the protection of information and systems. It demonstrates that systems at a service organization are protected against unauthorized access or risks. As dv01 deals with sensitive data, the Confidentiality Trust Services Criteria was also a clear choice to measure against as it addresses the agreements we have with clients in regards to how we use their information, who has access to it, and how to protect it.
Stay tuned as we continue to provide the highest quality solutions and scale up to pursue new asset classes and product lines that enforce our commitment to best security practices as we create a seamless user experience for all parties.