RedVision, an independent national provider of title and real property research solutions, announced the successful completion of a comprehensive Service Organization Controls 2 (SOC 2) Type 1 standards of control examination. This independent affirmation confirms that RedVision’s critical controls effectively are managing the security, availability and confidentiality of client information.
The SOC 2 is based on Trust Services Principles, which according to the American Institute of Certified Public Accountants (AICPA), “helps differentiate entities from their competitors by demonstrating to stakeholders that the entities are attuned to the risks posed by their environment and equipped with the controls that address those risks.”
Completion of the SOC 2 Type1 examination indicates that RedVision’s processes, procedures and controls involved in storing, handling and transmitting data securely have been evaluated formally and tested by an independent audit firm. The evaluation included a rigorous assessment of the company’s data center security management, written policies and procedures, physical security, network architecture, user access management, network and systems monitoring, and software development and resulted in validation of RedVision’s best-practice standards.
“Many of our clients rely on us to protect their clients’ information,” RedVision CEO Brian Twibell said. “As a result, RedVision has continuously implemented best-practice controls demanded by their customers to address information security and compliance risks. Earning this accreditation demonstrates RedVision’s continued commitment to maintaining the industry’s highest control standards for operations, compliance and security.”
RedVision’s customers can incorporate its Service Auditor’s Report in the customers’ compliance programs as proof that appropriate controls are in place. The SOC 2 report may assist customers comply with other regulations, including those from the Consumer Financial Protection Bureau (CFPB).
“Data security and privacy are top priorities for RedVision,” RedVision Chief Technology Officer Joe Ross said. “The successful completion of the comprehensive examination reaffirms RedVision’s ongoing commitment to creating and maintaining best-practice industry controls for the highest protection and security of our customers’ sensitive information.”
A SOC 2 examination is recognized widely because it represents that a service organization has been through a comprehensive evaluation of its control activities as they relate to the applicable Trust Services Principles and Criteria. A Type 1 report not only includes the service organization’s system description but also includes detailed testing of the design and operating effectiveness of the service organization's controls.