FSI, the leading healthcare CMMS provider, is pleased to announce that it has successfully completed a System and Organization Controls (SOC) 2 Type 1 audit. The SOC 2 audit is one of the highest recognized standards of information security compliance in the world. Achieving a certification of this level signifies FSI’s dedication to maintaining data security and integrity at the highest level.
Developed by the American Institute of CPAs (AICPA) to allow a third-party auditor to validate a service company’s internal controls with respect to information security, the SOC 2 Audited Report is the auditor’s opinion on how an organization’s security controls meet the SOC 2 criteria.
“Successfully achieving compliance shows that our policies, procedures, and infrastructure meet or exceed the SOC 2 criteria,” expressed Derek Smith, Director of Technology at FSI. “Our diligence ensures our customers can trust and rely on us for security and data privacy, which is becoming more important every day. This proves our commitment to improving our information security program for our customers’ success.”
To obtain an audited SOC 2 Report, a third-party auditor reviewed internal controls, including policies, procedures and infrastructure regarding data security, firewall configurations, change management, logical access, backup and disaster recovery, security incident response and other critical areas of FSI’s business.
A Type 1 audit pinpoints a specific timeframe in which to assess security processes, while Type 2 assesses these processes over a period of six months. FSI has completed the first phase and is seeking a Type 2 audit next.
FSI plans to emphasize its approach to data security and privacy at the 2023 ASHE conference in San Antonio in August, which it has been attending for over 12 years.