TERIS Among First eDiscovery Service Providers to Adopt SSAE-16 SOC 2 Security Standards

Company completes comprehensive professional audit of these standards, resulting in certification

Seattle, WA – July 31, 2012TERIS, a leading provider of eDiscovery and related litigation support and information governance solutions to corporations and law firms across the US and internationally, announced today that it recently completed a Type II Service Organization Control (SOC) 2 (or “SOC 2”) examination relevant to security, availability, confidentiality, and privacy. As a result, TERIS is now one of the first eDiscovery litigation support service providers to receive such a report and certification.

The SOC 2 examination, conducted by an independent auditing firm, formally evaluated the design and operating effectiveness of TERIS’ processes, procedures, and controls for compliance with the criteria set forth in the American Institute of Certified Public Accountants Trust Services Principles and Criteria. This examination demonstrates that TERIS is compliant with the relevant criteria and that its clients are being served by an SOC 2 standard controlled facility.

The examination’s completion has also provided TERIS with valuable insight into the people and procedures responsible for successful data center controls.

Kip Hauser“By meeting this comprehensive and rigorous standard, TERIS is able to provide our clients with an even greater degree of confidence that their critical data and information is secure in our facilities,” said Kip Hauser, TERIS Chief Operating Officer.

Earlier this year, the SOC Type II reports replaced SAS 70 Type II audits as the benchmark compliance report for organizations impacted by regulations such as HIPAA, PCI, and SOX. The new standards required TERIS to complete and submit a written assessment of the operating effectiveness and suitability of its controls, which was analyzed and validated in person by the independent auditors.

The 2011 SSAE 16 SOC 2 Type II examination covers the entire organization and its information technology infrastructure environment and client-facing systems including: data center operations, database administration, storage management, server administration, support, system backup and disaster recovery processes, as well as network operations, system monitoring tools and processes, system security (both logical and physical), and common support processes applicable to all lines of business and customers of the company.

All of TERIS operate under the same standards and follow the established SSAE 16 SOC 2 guidelines, best practices, policies, and procedures to maintain compliance and certification.


Leave a Comment

You must be logged in to post a comment.