The designation offers assurance of securely managed data and client privacy in these Human Resources systems.
The designation verifies whether a service organization complies with requirements relevant to security, processing integrity, availability, confidentiality, and privacy.
“Engaging in the SOC 2 examination process has allowed CMA to demonstrate its core commitment to ensuring the highest levels of privacy and security in its product offerings. Securing client and partner data in these trusted solutions is, above all, our highest priority,” said Marc S. Roman, CISO.
The SOC 2 Type 1 reports on the LATSnet and HRISnet systems and how suitably their controls (administrative, technical, and logical) were designed. The completed examination indicates that selected CMA processes, procedures and controls have been formally evaluated and tested by an independent accounting and auditing firm. The report assures CMA’s customers that we properly and securely protect their data within our data center and information systems.
A SOC 2 examination is performed in accordance AICPA attestation standards. SOC 2 is designated as an acceptable method for a user entity’s management to obtain assurance about service organization internal controls over Security without conducting additional assessments.
A SOC 2 examination is widely recognized, because it represents that a service organization has been through an evaluation of their control activities as they relate to the applicable Trust Services Categories and Criteria. A Type I report includes management’s description of the service organization’s system and the suitability of the design of controls as of a specified date.