Zasio Successfully Achieves SOC 2 Type 2 Certification
Zasio Enterprises, Inc., a global leader in business-to-business information governance and records management solutions, is pleased to announce that it has successfully completed the Service Organization Control (SOC) 2 Type 2 audit with respect to Zasio’s Versatile Software as a Service System. Zasio utilizes the Versatile System to provide its suite of records and information management SaaS solutions to customers. With an unqualified opinion for Versatile controls relative to security, Zasio’s SOC 2, Type 2 attestation report demonstrates the company’s commitment to security in delivering its SaaS solutions to customers around the globe. To comply with SOC2, Zasio had to demonstrate that it had established rigorous policies and procedures in accordance with the Trusted Services Criteria of security. “Zasio has made information governance security a top priority throughout our organization,” said Kevin Zasio, the company’s founder and president. “Achieving SOC 2 certification is another step in that goal.” The official audit report provides a thorough review of Zasio’s internal controls, policies, and processes for security. It also reviews Zasio’s processes relating to risk management and vendor due diligence, as well as Zasio’s entire IT infrastructure, software development lifecycle, change management, logical security, network security, physical and environmental security, and computer operations. The audit examination was conducted in accordance with attestation standards established by the American Institute of Certified Public Accountants. System Organization Control (SOC2) is a technical auditing process performed by an independent auditor who measures the security of an organization’s unique data processing systems and determines whether effective safeguards and controls are in place. The audit was conducted by Dansa D’Arata Soucia LLP (“DDS”), a full-service CPA firm based out of Buffalo, New York. Over the past decade, DDS has built a team of auditors dedicated to understanding the AICPA’s Trust Service Criteria and how properly applying best practices to comply with this set of criteria results in risk mitigation when it comes to protecting sensitive data.
Founded in 1987, Zasio has more than three decades of experience being at the forefront of records management and information governance. Zasio prides itself in its ability to foster a culture of innovation mixed with long-term thinking, which translates into offering leading-edge records and information management solutions along with unparalleled support to its customers. Stay up-to-date on Zasio by following us on LinkedIn and by subscribing to our monthly newsletter. Source: Zasio Enterprises, Inc.