For the third year in a row, Scribbles Software partnered with Lazarus Alliance for its annual AT-101 SOC 2 reexamination audit.
SCOTTSDALE, Ariz., June 25, 2020 (Newswire.com) - Lazarus Alliance, a leading cybersecurity, governance, risk, and compliance (GRC) firm, announces its partnership with Scribbles Software, developers of ScribOrder, a cloud-based records management solution for K-12 schools. Lazarus Alliance once again guided Scribbles Software through the rigorous AT-101 SOC 2 attestation reporting process and help the company design and implement internal cybersecurity policies and controls.
The SOC 2, which is part of the American Institute of Certified Public Accountants (AICPA) SOC reporting framework, utilizes the AT-101 professional standard. The SOC 2 was developed so that technology service providers could document that they adhere to comprehensive data security control procedures and practices. SOC 2 audits are voluntary. Companies choose to undergo them to assure their clients that they have implemented specific controls to effectively mitigate operational and compliance risks and provide consistent, reliable, and secure services.
"An independent audit of data security procedures and controls is crucial for all technology service organizations, especially in heavily regulated industries such as education, where Scribbles operates,” said Michael Peters, CEO of Lazarus Alliance. “The ScribOrder product is used to process and store K-12 students’ personal data. Child identity theft is a constant worry in the education industry, and schools need to be assured that their records management software employs the highest levels of data security. By issuing an SOC 2 report, Scribbles is demonstrating that the security of their clients’ data is their top priority.”
"Scribbles Software handles hundreds of millions of sensitive records for K-12 school districts and other educational institutions. As such we take data security extremely seriously. To ensure that we meet the standards, we have chosen Lazarus Alliance to handle our SOC 2 audit. We realize that this endeavor is an ongoing effort, and we are proud of our ongoing relationship with Lazarus Alliance as we continue to strive to exceed the SOC 2 standards," said Ron Christian, Managing Partner, Scribbles Software.
A SOC 2 attestation also requires the service organization to establish specific written information security policies and procedures. Lazarus Alliance is helping Scribbles develop cybersecurity policies in accordance with SOC 2 using the Continuum GRC IT Audit Machine, a software solution that automates governance, risk, and compliance.
“SOC 2 reports can be tricky,” explained Peters. “Not all components of the SOC 2 apply to every organization. The IT Audit Machine's built-in SOC 2 modules take a lot of the complexity out of the process and save our clients time, hassle, and money.”
Source: Lazarus Alliance