Strafford Technology recently underwent a Service Organization Control 2, Type II examination. The resulting CPA’s report states that Strafford management maintained effective controls over the data security of its Hyperion Managed Application Hosting solution.
The SOC 2, Type II report is an attestation report that expands the evaluation of controls to the criteria set forth by the American Institute of Certified Public Accountants (AICPA) Trust Services Principles. These principles define leading practice controls relevant to security, availability, processing integrity, confidentiality, and privacy applicable to service organizations such as Amazon Web Services (AWS.) The AWS SOC 2, Type II is an evaluation of the design and operating effectiveness of controls that meet the criteria for the security principle set forth in the AICPA’s Trust Services Principles criteria.
The following principles and related criteria have been developed by the American Institute of CPAs (AICPA) and the Canadian Institute of Chartered Accountants (CICA) for use by practitioners in the performance of trust services engagements:
- The system is protected against unauthorized access (both physical and logical).
- The system is available for operation and use as committed or agreed.
- Processing integrity. System processing is complete, accurate, timely and authorized.
- Information designated as confidential is protected as committed or agreed.
- Personal information is collected, used, retained, disclosed and destroyed in conformity with the commitments in the entity’s privacy notice and with criteria set forth in generally accepted privacy principles issued by the AICPA and CICA.
Strafford leverages Amazon Web Services (AWS) to provide scalable and flexible Managed Hosting solutions for Oracle Hyperion, SAP BPC and other EPM applications. Contact us to learn more about the Strafford Cloud and our SOC reporting.