IDS, a provider of enterprise solutions for the secured finance industry, completed its annual System and Organization Controls (SOC) audit and received validation reports for SOC 1 Type 2, SOC 2 Type 2 and SOC 3. A third-party validation provider conducted the audit over a six-month period to demonstrate the ongoing effectiveness of security controls for IDS and IDScloud.

“Trust is the foundation in any relationship,” Lisa Nowak, lead product manager with IDScloud, said. “IDScloud leads the market in delivering the most feature-rich, innovative platform serving secured finance companies. Completing SOC examinations for IDScloud provides transparency of our ongoing commitment to delivering the solutions our customers need combined with the security to ensure their data and their customers’ data is secure. It is through this effort that we work to maintain the trust placed in IDS by some of the leading brands in the secured finance industry.”

SOC is a set of guidelines generated by the American Institute of Certified Public Accountants (AICPA) and developed to ensure security, availability, confidentiality and process integrity of financial organizations.

The following details outline the SOC reports that IDS received for 2020-2021:

  • SOC 1 Type 2 reporting addresses internal controls over financial reporting and the development of products.
  • SOC 2 Type 2 reporting addresses IDScloud controls related to operations and security compliance.
  • SOC 3 features a public report of internal controls related to security, availability, processing integrity and confidentiality.

“Completing a SOC examination is a rigorous — and welcomed — process to provide our clients peace of mind that their data is secure with us and that we maintain effective internal controls and safeguards,” Craig Debban, senior director of IT and information security officer for IDS, said. “This highly regarded reporting means IDScloud ensures all appropriate control protocols are in place and working properly to safeguard data for our clients and our own operations.”

IDS has already started the 2021-2022 SOC audit observation period to extend validation of cloud security in all procedures and technologies. Additionally, IDS conducts its own periodic internal reviews and spot checks of its controls.

A publicly available portion of the SOC report is available here.