BrainCert Is Now a SOC 2 Type 1 Compliant Company
We are excited to announce that we’ve successfully completed the SOC 2 Type 1 audit and are now a SOC 2 Type 1 Certified Company. Being an eLearning solutions provider catering to a global clientele, BrainCert has always kept data privacy & information security at the heart of everything the company does and makes compliance with security standards and regulations a high priority.
The SOC 2 Type 1 audit is an internationally renowned assessment process that evaluates the design of security processes in an organization at a specific point in time to ensure that the information & customer data protection systems at BrainCert are fully capable of implementing critical security policies & to identify, control, & eliminate any potential security risk.
What is SOC 2 Compliance?
SOC 2 Compliance is a compliance standard developed by the American Institute of CPAs (AICPA) for service organizations. This information security standard has been devised based on five trust service criteria
1. Security
2. Availability
3. Processing integrity
4. Confidentiality
5. Privacy
SOC 2 Reports
There are two types of SOC 2 reports:
2. Type 1 Audit report– The Type 1 Audit Report assesses the service organization’s information security systems and the suitability of the design of the controls to achieve the related control objectives as of a specified date.
1. Type 2 Audit Report- The Type 2 report audits the fairness of the service organization’s information security systems and controls to achieve the related control objectives throughout a specified period.
Compliance with SOC 2 type 1 means that BrainCert maintains a high level of information security and the information & data security systems at BrainCert are fully capable of implementing critical security policies & to identify, control, & eliminate any potential security risk.
What is the process behind being awarded the SOC 2 Type 1 Compliance?
SOC 2 Type 1 compliance certification involves an external audit by an approved CPA agency with relevant information technology (IT) and security skills. The external auditors will thoroughly inspect the practices, policies, and procedures that are in place in an organization to assess whether its security systems meet the requirements of the Standard.
At BrainCert, we began preparing for the process almost six months back by reviewing our systems & internal processes, identifying the flaws in our systems, and introducing new security systems & the right security policies, and procedures. The final stage included an extensive audit conducted by an external certification agency who thoroughly checked all elements of our security systems.
Because we collaborate with multi-faceted clients from across the globe, we wanted to ensure that there were no stones left unturned when it comes to security & data privacy. Though SOC 2 is a voluntary compliance, we wanted to ensure that there were no stones left unturned when it comes to security & data privacy.
We have successfully passed our SOC 2 Type I audit that affirms BrainCert's information security practices, policies, procedures, and operations meet the SOC 2 standards for security, availability, confidentiality, and privacy. Our customers can feel confident that we are making every investment to establish and maintain the highest level of security and compliance.
- The BrainCert Team