Eventus Solutions Group Successfully Passes SOC 2 Type II Audit
DENVER, CO – Eventus Solutions Group today announced receipt of its Service Organization Control (SOC) 2 Type II attestation engagement report. This report provides independent validation that Eventus’s internal security, availability and confidentiality controls operated in accordance with the American Institute of Certified Public Accountant (AICPA) applicable Trust Services Principles and Criteria (TSPC).
Conducted by CompliancePoint, a PCI Security Standard Council qualified security assessor company, the examination conducted a thorough review of Eventus’s policies and practices in three areas:
- Security – ensuring the system is protected against unauthorized access (both physical and logical)
- Availability – indicating system is available for operation and use as committed or agreed
- Confidentiality – ensuring information designated as confidential is protected as committed or agreed
The TSPC for Security, Availability and Confidentiality are organized into four broad areas: Policies, Communications, Procedures and Monitoring. CompliancePoint assessed Eventus’s conformity with each criterion across these four areas.
The AICPA created the SOC guidelines as an enhancement over the SAS 70 compliance standard. SOC 2 provides an authoritative benchmark for service organizations to demonstrate implementation of proper control procedures and practices. Type II reports include detailed testing of the operational effectiveness of the described systems’ security controls. The AICPA issued the most recent version of TSPC, the basis for SOC compliance, in 2014.
“SOC 2 compliance has become a requirement for some of the world’s largest companies as they are acquiring management consulting, system integration and managed services offerings,” said John Smiley, Eventus Chief Information Officer. “SOC 2 Type II certification gives our clients confidence that Eventus complies with their internal security policies and standards.”
It can be hard to fathom a life without customer service in it. Before remote desktop support, live chat and other contact center solutions, there were complex phone trees and outsourced call centers and before that there were buggy IVR systems and telephone switchboards connecting you to the store you purchased the product from.
The past few decades have seen the business world sway multiple times between call center outsourcing and internal call center operations.