Runbeck Election Services, a leader in ballot printing and mailing services, has partnered with cyber security and GRC firm Lazarus Alliance for an AT-101 SOC 2 Type 2 audit.
Scottsdale, AZ, March 27, 2018 (Newswire.com) - Lazarus Alliance, a leading cyber security, governance, risk, and compliance (GRC) firm, today announces its partnership with Runbeck Election Services, one of the nation’s leading election and high-integrity print and mail professionals. Lazarus Alliance will perform an independent AT-101 Service Organization Control 2 (SOC 2) Type 2 audit.
The SOC 2 is part of the American Institute of Certified Public Accountants (AICPA) SOC reporting framework and utilizes the AT-101 professional standard. Unlike the SOC 1, which focuses on financial reporting controls, an SOC 2 attestation documents service organizations’ non-financial reporting controls. Organizations undergo independent SOC 2 audits to assure their clients that their organizations have implemented specific controls to keep clients’ sensitive data secure over time. An SOC 2 Type 1 audit provides a snapshot of an organization’s controls at a point in time, while an SOC 2 Type 2 audit examines them over a specified period.
“The integrity of our nation’s election system is the backbone of our democracy,” said Michael Peters, CEO of Lazarus Alliance. “By releasing an SOC 2 attestation, Runbeck Election Services is demonstrating to its clients that it maintains a sound control environment that meets the highest standards of security and privacy.”By releasing an SOC 2 attestation, Runbeck Election Services is demonstrating to its clients that it maintains a sound control environment that meets the highest standards of security and privacy.
SOC 2 attestations are based on AICPA’s Trust Service Principles of Security, Availability, Processing Integrity, Confidentiality, and Privacy. Reporting organizations are not required to address all of the Trust Service Principles; SOC 2 attestations can be limited to the principles that are relevant to the services being provided. Runbeck Elections’ SOC 2 attestation will focus on the principles of Security, which attests that the service organization protects information and systems against unauthorized access, information disclosure, and damage; and Privacy, which attests that the service organization collects, uses, retains, discloses, and disposes of personal information properly.
To perform Runbeck Elections’ SOC 2 audit, Lazarus Alliance is utilizing Continuum GRC’s IT Audit Machine (ITAM), an IRM GRC software solution that automates governance, risk, and compliance processes.
“ITAM comes with built-in modules and harmonized controls covering various compliance requirements, including AT-101 SOC 2,” Peters explained. “It eliminates the need for spreadsheets and other manual processes, allowing us to save our clients time, money, and aggravation and get them from zero to compliant in record time.”
Source: Lazarus Alliance