Professional Recovery Consultants is pleased to announce a new level of compliance, one that demonstrates our ability to protect hosted and processed data.
The SOC 2 Type II audit, defined by the American Institute of Certified Public Accountants (AICPA), is recognized worldwide as one of the strictest audit standards for service providers.
SOC stands for Service Organization Controls. It is a series of standards that helps measure how well an organization controls its information. To achieve any type of SOC certification, a company must be audited by an independent certified public accountant. He or she will determine whether the proper safeguards and procedures are in place.
The SOC 2 Type II audit is mostly for IT and cloud computing companies; it allows them to demonstrate that it meets and exceeds the industry’s accepted standards governing controls and protection of all hosted and processed data, on behalf of clients.
To complete a Type II audit, a company must let auditors examine their procedures and equipment for a minimum of six months. They examine the following:
- Security: The system has controls in place to protect against unauthorized access (both physical and logical).
- Availability: The system is available for operation and use as committed or agreed.
- Processing Integrity: System processing is complete, accurate, timely and authorized.
- Confidentiality: Information that is designated as “confidential” by a user is protected.
- Privacy: Personal information is collected, used, retained and disclosed in accordance with the operation’s privacy notice and principles set by the American Institute of Certified Public Accountants (AICPA) and the Canadian Institute of Chartered Accountants (CICA).
As a debt collection agency, Professional Recovery Consultants handles a lot of private data. PRC underwent this strict process so that our clients can feel more comfortable knowing their customer information is secure.
We are proud to have reached this milestone and are happy to answer any of your questions about our processes.