SOC 2 Type II Process

SOC 2 Type II Certification Process

Every year, DriveSavers undergoes a SOC 2 Type II audit that reviews the myriad of security and privacy protocols in place to protect customer data.

“The audit was clean without issues, the breadth of the audit is extensive, with well documented evidence. The control objectives and activities are in place, suitably designed, enforced and operating effectively,” said the report from Goetsch Associates, a CPA firm in Ft. Collins, CO that handles our yearly audit of operation.

“DriveSavers has certainly positioned itself as a leader in the industry. In an era of security breaches, the hosting of client data needs to be provided with the utmost security and reliability,” the report said. “I’m confident with the level of controls in place; DriveSavers has the defense needed to provide the level of data security and protection needed by its clients.”

What’s Covered?

SOC 2 Type II reports focus on controls at service organizations used to support:

  • Security: The system is protected against unauthorized access—both physical and logical.
  • Availability: The system is available for operation and use as committed or agreed.
  • Processing Integrity: System processing is complete, accurate, timely and authorized.
  • Confidentiality: Information designated as confidential is protected as committed or agreed.
  • Privacy: Personal information is collected, used, retained, disclosed and destroyed in conformity with the commitments in the entity’s privacy notice and with criteria set forth in generally accepted privacy principles.

In addition, all DriveSavers employees must pass a thorough background check as part of our security protocols.

Click here for more details on SOC 2 Type II compliance and our other data security measures, including HIPAA, FERPA, SOX, GLBA and NIST 800.34.