ThinkOnward Security Statement
ThinkOnward maintains internal protocols relevant to security, processing integrity, and confidentiality. These protocols are upheld by our adherence to SOC 2 Type II cybersecurity controls and are subject to change as business needs evolve.
The Service Organization Control (SOC) Type 2 framework is leveraged by service providers to demonstrate the provider’s secure management of client data. ThinkOnward participates in the SOC 2 trust services criteria that examine security, processing integrity, and confidentiality protocols. These trust services criteria are depicted by the SOC 2 framework as follows:
Security
The objective of the security trust services criteria is to ensure information and systems are protected against unauthorized access, unauthorized disclosure of information, and damage to systems. Controls include:
- Control environment
- Communication and information
- Risk assessment
- Monitoring activities
- Control activities
- Logical and physical access controls
- System operations
- Change management
- Risk mitigation
Processing Integrity
The objective of the processing integrity trust services criteria is to ensure that system and information processing is complete, valid, accurate, timely, and authorized to meet the entity’s objectives. Controls include:
- Monitor processing errors
- Accuracy of system input and output
- Accuracy of data processing
- Data storage
- Data modification authorization
Confidentiality
The objective of the confidentiality trust services criteria is to ensure that information defined as confidential within the system is protected. Controls include:
- Data classification
- Data retention
- Data destruction
For more information, please contact us here.