PRIVACY AND SECURITY

With today's business environment increasingly focused on internal controls, you need to trust that our service operates within a highly secure and controlled environment. To illustrate our commitment to effective operational controls, and to privacy and security best practices, we undergo all three Service Organization Control (SOC) examinations every six months, have received an ISO 27001 certification for our Confirmation.com service, and are TRUSTe Privacy Policy certified. Collectively, these provide assurance about the controls we implement to protect privacy and confidentiality of our users' data and the security, availability and processing integrity of our system.

SOC LogoSOC 1, SOC 2, and SOC 3 Examinations
SOC reports examine controls over the services provided by service organizations. There are three types of SOC reports, and to address our customers varying needs, we complete all three SOC examinations. 

  • Type 2 SOC 1 prepared in accordance with SSAE 16 reports on the design and operating effectiveness of controls relevant to user entities' internal control over financial reporting.
  • Type 2 SOC 2 reports on the design and operating effectiveness of controls that affect the security, availability and processing integrity of the system used to process users' data and the confidentiality and privacy of the information processed by the system.
  • SOC 3 reports on whether a system complies with specified Trust Services Principles and criteria.

ISO 27001 Certification
BrightLine LogoISO 27001 is the globally recognized standard for the establishment and certification of an information security management system (ISMS). The standard specifies the requirements for establishing, implementing, operating, monitoring, maintaining and improving a documented ISMS within the context of the organization's overall business risks.

Confirmation.com's ISMS covers its online audit confirmation service and infrastructure including data and data environments, servers, source code, and internal networks related to its Brentwood, Tennessee, and Delray Beach, Florida, offices. 

 

TRUSTe European Safe Harbor certification

TRUSTe Certification
Confirmation.com abides by the EU Safe Harbor framework as outlined by the European Union and the U.S. Department of Commerce as certified by the Internet's most trusted and strictest third-party privacy policy issuer TRUSTe.