The Network’s SOC 2 audit was performed by the independent firm of Cherry, Bekaert & Holland, L.L.P. (CB&H) and recognizes The Network’s commitment to providing secure, reliable and effective operations.
Software as a Service (SaaS) service organizations must demonstrate that they have adequate controls and safeguards when they host or process data belonging to their customers. The Network has affirmed our operational and compliance controls with the successful completion and receipt of the Service Organization Controls Report (SOC 2). This supersedes the Statement on Auditing Standards No 70 (SAS 70).
The SOC 2 attests that all operational and compliance controls for our GRC software solutions maintain the following principles: (1) Security – The system is protected against unauthorized access (both physical and logical); (2) Availability – The system is available for operation and use as committed or agreed; (3) Processing Integrity – System processing is complete, accurate, timely and authorized; (4) Confidentiality – Information designated as confidential is protected as committed or agreed; and (5) Privacy – Personal information (i.e. information that is about or can be related to an identifiable individual) is collected, used, retained, disclosed, and destroyed in conformity with the commitments in The Network’s privacy notice and with criteria set forth in generally accepted privacy principles (GAPP) issued by the AICPA and CICA.