April 11, 2019

[et_pb_section fb_built=”1″ _builder_version=”3.21.3″ custom_padding=”0|0px|27.296875px|0px|false|false”][et_pb_row custom_padding=”0|0px|13.640625px|0px|false|false” _builder_version=”3.21.3″][et_pb_column type=”4_4″ _builder_version=”3.0.47″][et_pb_text _builder_version=”3.21.4″]

Part 1:

A New Link in the Secure Data Supply Chain

[/et_pb_text][et_pb_code _builder_version=”3.21.4″][/et_pb_code][et_pb_text _builder_version="3.21.4"]

Alliant recently received SOC 2 attestation for its real-time consumer data systems. The audit procedures by an independent third-party accounting firm were challenging, costly, and time-consuming, but ultimately rewarding.

The process involved multiple subject matter experts working laterally across Alliant’s business units. The reviews were rigorous, with extensive documentation requirements, but in the end, the process was valuable and the entire company developed a heightened awareness for security policies and procedures. It helped Alliant reaffirm across teams that data security and integrity is a competitive advantage — and the process itself challenged each team to actively think about and defend its data practices.

After a six month effort, Alliant is now a certified member of the secure data supply chain. Information entrusted to us from our cooperative members and partners is confirmed to be held securely and processed correctly.

Data and analytics information is sensitive, and Alliant believes that all data providers should be on the vanguard of obtaining security certifications — and should seek out partners that do likewise. This is a conversation management in every company that relies on consumer information to conduct business should be having.  And if you’re thinking seriously about putting your company through an information security audit, we are confident that the lessons we learned can help you too.

[/et_pb_text][et_pb_text _builder_version="3.21.4" text_font="||||||||" text_font_size="10px" border_color_all="rgba(0,0,0,0)" border_width_top="3px" custom_padding="2px||"]

*This post is provided for informational purposes only and is not legal advice. Each organization should work with qualified counsel to understand its obligations and opportunities for improved data quality and approved certifications.

[/et_pb_text][et_pb_toggle title="What is SOC 2?" open_toggle_text_color="#1a325e" closed_toggle_text_color="#FFFFFF" closed_toggle_background_color="#1a325e" icon_color="#FAA81A" _builder_version="3.21.4" title_font="||||||||" title_text_color="#FFFFFF" title_font_size="18px" title_line_height="0.9em" body_font="||||||||" body_font_size="11px" body_line_height="1.9em" background_color="#f2f2f2" border_width_all="0px" border_width_bottom="2px" border_color_bottom="#1a325e"]

SOC 2 is an auditing procedure that ensures a service provider securely manages data to protect its clients. For security-conscious businesses, SOC 2 compliance is a mandatory requirement when considering a service provider. The SOC 2 standard is based on the criteria outlined in the Description Criteria authored by the AICPA, the American Institute of Certified Public Accountants