ILM Corporation Receives SSAE 16 / SOC-1 Type II Audit Report
ILM set out to give its customers even greater confidence in its financial and data safeguards by going through an SSAE 16 / SOC-1 Type II audit earlier this year. A hallmark of ILM’s values is its effort to show current and future clients that it has processes in place and is continually upgrading them in order to be trusted with sensitive and critical information. After an 8-month process of gathering information and refining processes, ILM received its SSAE 16 / SOC-1 Type II Audit Report in October 2017.
What is an SSAE 16 / SOC-1 Type II audit report? Essentially, the report investigates the internal controls of service organization related to financial reporting. The SOC-1 Type II audit looks to see if the organization’s controls are suitably designed and implemented for the safeguarding of sensitive information. While there are a few types of SOC-1 audit reports, the Type II audit specifically reviews the operating effectiveness of the controls over a period of time, normally a minimum of six months. ILM underwent the more rigorous Type II report as it shows the controls in process over a period of time and gives a better picture of how effective they are in the organization. The Type I report is just a snapshot of the processes on a given day and therefore not as comprehensive.
ILM management spent time preparing for the audit by gathering documentation and evidence demonstrating control procedures in place. A stringent field visit was conducted by an external certified auditing firm to review the controls. A few examples of the controls reviewed during the field visit were: human resource policies and practices, organizational structure and assignment, visitor access, building security, change management methodologies, and various network and server controls.
The SSAE 16 / SOC-1 Type II Report demonstrates that ILM has designed and implemented suitable and effective controls as a service organization handling and processing sensitive customer materials. As a business looking for a service organization to fulfill your needs, look for one that goes out of their way to ensure they have adequate safeguards and controls in place to protect your sensitive data.
Contact ILM today to learn more about its report or get started on a project.
