TraceLink Inc., the leading digital network platform company, announced today that it has successfully completed its System and Organization Controls (SOC) 2 Type II and International Standard on Assurance Engagements (ISAE) 3000 examination with zero exceptions or disclosures noted.
This independent audit and attestation means that TraceLink meets or exceeds industry standards for security, availability, and confidentiality Trust Service Criteria and recognizes that the company is compliant with leading industry standards for service providers managing enterprise data.
“This is an important announcement for us because it underscores our unwavering commitment to the highest standard of security and operational performance. SOC 2 Type II / ISAE 3000 provides trusted visibility and transparency to the breadth of our controls for operations and compliance,” said Shabbir Dahod, President and CEO of TraceLink. “Our customers can have confidence in our hosting of their mission critical information and confidential data. It is a point of pride for our team and gives our customers and partners assurance that we have integrated security best practices throughout our services.”
SOC 2 is a voluntary compliance standard for service organizations, developed by the American Institute of Certified Public Accountants (AICPA), which specifies how organizations should manage customer data. The requirements for SOC 2 Type II are more rigorous than for Type I because they include testing of the operating effectiveness of the controls for the selected Trust Services Criteria over a period of time, not merely design of controls on a specific date. Additional controls were included to ensure coverage with the ISAE 3000 framework for our international customers.
The SOC 2 / ISAE 3000 voluntary audit process was undertaken by TraceLink as part of its commitment to the best information and data security practices. To request a confidential copy of TraceLink’s SOC 2 Type II report, please email artifact-request@tracelink.com.
TraceLink has also successfully completed its ISO/IEC 27001:2013 and ISO/IEC 27017:2015 audit and has been recertified.
ISO 27001:2013 is a risk-based set of information security requirements that require an organization to have a well-structured Information Security Management System (ISMS). ISO 27017:2015 provides guidance on the information security aspects of cloud computing, recommending the implementation of cloud-specific information security controls that supplement the guidance of the ISO/IEC 27002 and ISO/IEC 27001 standards.
TraceLink’s Information Security Management System (ISMS) has been independently verified to meet the requirements of both standards.
Further information on all of TraceLink’s certifications and attestations can be found here.
For more such updates and perspectives around Digital Innovation, IoT, Data Infrastructure, AI & Cybersecurity, go to AI-Techpark.com.
