Enterprise Compliance and Security Standards
oAppsNET has completed another successful audit of its system and organization controls, assuring the availability, processing integrity, security, confidentiality, and privacy of customer data.
What Is a SOC 2 Audit?
SOC stands for System and Organization Controls, a suite of services provided as part of the reporting platform of the American Institute of CPAs (AICPA).
Essentially, a SOC 2 audit examines and evaluates the operational controls of a business. This audit requires a company to document and adhere to comprehensive information security policies and procedures, among other responsibilities. The resulting report gives interested parties, such as prospects and customers, additional information and insight to make a decision about working with that business.
What Is a SOC 1 Audit?
SOC 1 audits focus on user entities, testing their relevant internal controls over financial reporting system design and operating effectiveness. We view SOC 1 audits and other periodic third-party reviews as a valuable resource to help enhance our current product and operations, especially when they address both the oAppsNET platform and oAppsNET Pay, our payments system.
What Is a Type 2 Report?
To earn a Type 2 report, a company must undergo testing over an extended period of time. Type 1 reports, on the other hand, test only a single moment in time. oAppsNET’s usual audit period for SOC 2 and SOC 1 covers 12 months, demonstrating our ongoing effort to uphold the Trust Services Principles.
oAppsNET has always voluntarily pursued the more demanding and comprehensive Type 2 report rather than the Type 1 report. Type 2 reports for both audits signal that our customers can expect high standards across oAppsNET’s operational, data security, and privacy practices, as well as stringent change management controls throughout our software development life cycle.
Our Commitment to Our Customers
Using an independent third-party to audit these controls is an investment companies do not take lightly. A SOC audit is, by design, an intrusive, time-consuming process designed to test a company on a variety of levels, necessitating active employee engagement and diligence across a broad swath of the organization. It’s a difficult process with a valuable payoff for our customers, and therefore one we are proud to undertake.
oAppsNET’s auditors determined that our controls were effectively designed and followed throughout the audit period. We intend to sustain our investments in customer-centric compliance in the years to come to protect both our business and the businesses of our customers.
Relevant portions of both reports are available upon request.