Zumasys, a leading provider of cloud computing solutions for business critical applications, announced today that it has achieved Service Organization Controls (SOC) 2, Type 1 standards certification. The completion of this phase of Zumasys’ SOC 2 audit, completed by A-LIGN Security and Compliance, establishes that the company’s cloud computing business operations are in compliance with industry and regulatory standards and best practices.
As government and regulatory agencies increase requirements on companies to meet compliance and security standards, SOC certification is becoming a critical component of IT purchasing decisions. Customers want technology partners that are both capable and trusted. These qualities are especially important for customers in the financial industry. Achieving SOC 2, Type 1 certification gives Zumasys customers peace of mind and differentiates the company from the competition. Zumasys is able to provide a detailed report of its SOC 2 Type 1 certification to customers upon request, demonstrating to management and decision makers, the qualifications they need to make informed partnership choices.
“Most hosting providers are new to the business and don’t have the experience or the operational consistency to achieve this level of certification,” says Michelle Moreno, Operations Manager for Zumasys. “Our customers trust us to follow industry standards when it comes to managing the hosting of their most critical business applications. By becoming SOC 2 compliant, we are differentiating ourselves from our competitors and ratifying that confidence.”
The SOC 2, Type 1 audit scrutinized every aspect of Zumasys’ cloud service operations, including the nature of the service provided, how Zumasys interacts with user entities and subservice organizations, internal controls, and its limitations.
This Type 1 audit reports on standards and controls as of December 15, 2015. To complete its SOC 2 certification, Zumasys will also undergo a Type 2 audit later this year, ensuring that the company continues to align with the policies and procedures that were validated in the Type 1 audit.