Charles IT Aces SOC2 Audit
Connecticut tech support firm demonstrates impeccable internal controls
February 7, 2018 - Middletown, CT - When service companies are tasked with storing and securing large amounts of customer data, their duty is not simply to protect confidentiality, but also to ensure availability and integrity, and to demonstrate that the information systems in place minimize the risk of data exposure and maximize its usability.
Charles IT - a Middletown, CT technology solution provider - is one such service company where sustaining rock solid processes for handling customer data is essential; and based on the System and Organization Controls (SOC) developed by the American Institute of CPAs (AICPA), they’re doing it exceptionally well.
Charles IT’s range of high-level IT offerings includes “hosted” services like SaaS (Software as a Service), IaaS (Infrastructure as a Service), and DaaS (Desktop as a Service), which require them to employ cloud-based servers for storing their customers’ non-financial data.
This makes them a prime candidate for a stringent SOC assessment, so last October they opened up their systems to a team of certified SOC auditors who spent three days conducting a comprehensive SOC2 Audit. The auditors evaluated Charles IT’s systems across four general categories: Policies, Communications, Procedures, and Monitoring.
“We actually sought out the audit ourselves,” said Foster Charles, the company’s founder and CEO. “The auditors came in for three days and went through all of our processes in search of proof that we had all four areas covered.”
Charles IT received “exceptional” scores by meeting or exceeding an assortment of criteria known as Trust Services Principles, or TSPs. Satisfying the relevant TSPs during an SOC2 Audit indicates that an organization is operating high-performance internal IT systems.
“My team of engineers and technicians felt it was important that we knew exactly where we stood with respect to TSPs,” added Charles. “Plus, passing a SOC2 sets us apart from some of our competitors, and really gives our clients peace of mind that our internal systems and processes are in compliance.”
When assessing Charles IT’s TSPs, the SOC2 auditors looked closely at how procedures pertaining to their customers’ data security, availability, processing, integrity, confidentiality, and privacy were managed and maintained.
The conclusion they reached was that Charles IT exhibits a strict adherence to the principles, and no consequential exceptions to them were uncovered.
According to the AICPA, SOC2 Audits can also play an important role in regulatory oversight, vendor management programs, internal corporate governance, and risk management processes, and are recommended for service providers across industries.
These include Managed IT Service providers like Charles IT, as well as Data Center / Colocation companies, Data Analytics firms, Document Production businesses, and even enterprise-level cloud computing platforms like Amazon Web Services and Microsoft Azure.
For more information about Charles IT’s SOC2 Audit report, their data controls, or their services and solutions for small-business IT, contact them at 860-344-9628.