System and Organization Controls (SOC) validates Solifi Open Finance Platform system controls in place to safeguard data for clients and internal operations
Solifi (formerly IDS), a leading provider of enterprise mission-critical solutions for the secured finance industry, recently completed its annual System and Organization Controls (SOC) audit and received validation reports for SOC 1® Type 2, SOC 2® Type 2, and SOC 3®. This was conducted by a third-party validation provider over a six-month period to demonstrate the ongoing effectiveness of security controls for Solifi and the Solifi Open Finance Platform, formerly known as IDScloud.
“Trust is the foundation in any relationship,” says Lisa Nowak, Lead Product Manager with Solifi Open Finance Platform. “Solifi leads the market in delivering the most feature-rich, innovative platform serving secured finance companies. Completing SOC examinations provides transparency of our ongoing commitment to delivering the solutions our customers need, combined with the security to ensure their data, and their customer’s data is secure. It is through this effort that we work to maintain the trust placed in Solifi by some of the leading brands in the secured finance industry.”
SOC is a set of guidelines generated by the American Institute of Certified Public Accountants (AICPA) and developed to ensure security, availability, confidentiality, and process integrity of financial organizations. For Solifi, an established third-party business and accounting firm performed onsite and virtual audits completing reports on the effectiveness of the Solifi Open Finance Platform.
The following outlines the SOC reports that Solifi received for 2020-2021:
- SOC 1 Type 2 reporting addresses internal controls over financial reporting and the development of products.
- SOC 2 Type 2 reporting addresses controls related to operations and security compliance.
- SOC 3 features a public report of internal controls related to security, availability, processing integrity and confidentiality.
“Completing a SOC examination is a rigorous – and welcomed – process to provide our clients peace of mind that their data is secure with us and that we maintain effective internal controls and safeguards,” says Craig Debban, Chief Information Security Officer at Solifi. “This highly regarded reporting means our software ensures all appropriate control protocols are in place and working properly to safeguard data for our clients and our own operations.”
While completing and receiving SOC reports validates Solifi’s commitment to ensuring data security and availability for its clients, the company recognizes a strong security posture is a daily around-the-clock commitment. The company has already started the 2021-2022 SOC audit observation period to extend the validation of cloud security in all procedures and technologies. Additionally, Solifi conducts its own periodic internal reviews and spot checks of its controls.
You can access a publicly available portion of the SOC report here.