TazWorks has satisfied the requirements to receive our SOC 2 attestation report. The audit, which was performed by The Cadence Group, a certified corporate accounting firm, confirmed that we have built effective controls and processes that meet or exceed the standards for the security of our background screening software and corporate operations.
The report defines TazWorks’ controls and processes that adhere to the AICPA’s trust service principles related to the following areas:
- Security: TazWorks is protected against unauthorized access, through sufficient firewalls, multi-factor authentication, intrusion detection, and more.
- Availability: The system is consistently available for operation and use, with more than 99.95% uptime and continuous performance monitoring.
- Confidentiality: Confidential information stays that way through encryption, access controls and permissions, firewalls, and internal information policies and procedures.
“This report proves our commitment to providing the best quality software for the background screening industry by meeting the highest standards of security, availability, and confidentiality,” says Scott Kimball, TazWorks CTO. “We apply the most rigorous security methods and monitoring possible in every aspect of our technology, and now we have an additional layer of transparency that allows our current and prospective customers to understand exactly how we do that.”
“SOC 2 compliance goes beyond the software we’ve built and maintain,” adds Joe Olsen, TazWorks COO. “To achieve this report, we must have strict operating procedures in place for every aspect of our organization. Achieving this standard shows that even with the many regulations in the background screening industry, consumer reporting agencies can feel confident knowing they’re using the best software service possible when they choose TazWorks.”
Consumer reporting agencies use TazWorks software to perform millions of criminal and credit checks, drug tests, reference verifications, and more each month for employment, tenant, and volunteer screening. As SOC 2 reports are becoming more and more frequently requested by clients and required in RFPs, having these standards already in place will give you the competitive edge you need when selling your services to continue growing the more than 300,000 organizations our CRAs serve.
TazWorks’ commitment to high standards for security, availability, and compliance means that they also maintain PCI DSS and EI3PA certifications, regular security audits performed by The Cadence Group, continuous monitoring by Qualys, and GDPR compliance.