Los Angeles, CA (July, 2016)
We are pleased to announce the successful completion of BDIís annual Service Organization Control (SOC) 2 Type II audit review (audit performed by Marcum, LLP*). The audit results demonstrate our commitment to the highest available standards for security, privacy and service support available in our industry.
The AICPAís SOC examination guidelines, and the resulting Independent Service Auditor Report, provides detailed information about BDI's security policies and offers assurance in our ability to protect your organization's vital information.
A copy of the SOC 2 Report is now available for direct download by BDI customers via Client Connect, BDIís secure user interface. After logging in, please visit the Admin Reports tab and click on the Legal Publications folder. Moving forward, you will be able to obtain other up-to-date vendor due diligence information by visiting Client Connect.
The American Institute of Certified Public Accountants (AICPA) publishes Service Organization Control (SOC) guides for auditors to utilize when reporting on controls at service organizations.
SOC 2 is based on AT Section 101 of the AICPA professional standards. A SOC 2 report examines controls at a service organization relevant to the security, availability, or processing integrity of a system or the confidentiality or privacy of the information contained in the system (e.g., BDI). These audits are based on the Trust Service Principles, Criteria and Illustrations (AICPA, Technical Practice Aids) established jointly by the AICPA and the Canadian Institute of Chartered Accountants (CICA). A SOC 2 report is intended for existing customers and their auditors, not potential customers or the general public.
In any SOC engagement, the auditor provides a Type I or a Type II report. Type I reports document an auditor's opinion regarding the accuracy, completeness and suitable design of an organization's controls as of a set date. Type II reports audit the implementation of these controls over a set period of time, typically 6 months to a year, with sample testing of each controls' operating effectiveness during the defined period.
BDI completed its annual SOC 2 Type II audit review. According to the AICPA, there is no "Certified" designation.
Look for new information to be posted and referenced on our website or contact us directly if you have any questions.