Truv’s security team is excited to announce that the company has successfully completed its SOC 2 Type 2 audit. We are pleased that our SOC 2 report has shown that we have the appropriate controls in place to mitigate risks related to the services we provide to our customers
SOC 2 engagements are based on the AICPA’s Trust Service Criteria. SOC 2 audit reports focus on a Service Organization’s non-financial reporting controls as they relate to Security, Availability, Confidentiality, Processing Integrity and Privacy of systems.
The audit was conducted by Johanson Group LLP (www.johansonllp.com). In doing so Truv maintains its adherence to one of the most stringent, industry-accepted auditing standards for service companies and provides additional assurance to its clients, through an independent auditor, that its business process, information technology and risk management controls are properly designed.
The official audit report provides a thorough review of Truv’s internal controls, policies, and processes for verification of income and employment. It also reviews Truv’s processes relating to risk management and subservice (vendor) due diligence, as well as Truv’s entire IT infrastructure, software development life cycle, change management, logical security, network security, physical & environmental security, and computer operations.