As FourQ’s vice president of infrastructure, one of my most important responsibilities is to ensure the security of FourQ systems. In an age of state-sponsored hacking, ransomware, and non-stop phishing attacks, it’s an area where I spend a considerable amount of my time while being a source of frequent anxiety.
For this reason, I am happy to share that FourQ has successfully completed audits for SOC 1 Type 2 and SOC 2 Type 2 attestation reports. SOC 1 and SOC 2 reports affirm that FourQ has put in place and developed internal processes to safeguard and protect our customers’ financial data that they’ve entrusted to us. Specifically, to meet the requirements for SOC 1 Type 2 report (Controls at a Service Organization Relevant to User Entities’ Internal Control over Financial Reporting (ICFR) and SOC 2 Type 2 report (Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality or Privacy), we must demonstrate specific levels of security for financial transactions. And what the auditors have found is that, indeed, we do.
What does this mean for those who rely on FourQ to streamline intercompany financial management in their organizations? It means that you have a level of assurance, as validated by external auditors, that FourQ has put in place the measures necessary to safeguard your financial data--and that I’m doing my job correctly.
Interested in learning more about what comprises SOC 1 and SOC 2 reports? Here are two links to AICPA which provides greater detail: