Planview® is announcing that its cloud-based portfolio and resource management solution Planview Enterprise has successfully completed the Service Organization Control 2 Type II audit. The audit serves as an important verification for Planview’s cloud customers as the software meet tough requirements for security, availability confidentiality and privacy.
The SOC 2 Type II audit is a verification that the solution matches the criteria defined by the American Institute of Certified Public Accountants (AICPA)in their Trust Services Principles for security and availability.
“Data security and availability is a key priority for us as our customers use Planview Enterprise to optimize their resources and work,” said Planview Chief Information Officer Jerry Sanchez. “The SOC 2 Type II audit serves as a strong proof point of safeguarding our customers’ data and privacy.”
The Service Organization Control 2 Report is performed in accordance with AT 101, requirements for non-financial reporting by Certified Public Accountants, and based upon the Trust Services Principles. The principles predefine criteria for vendors and business owners, making it easier to know what compliance needs are required and how to evaluate cloud solutions. The principles are based on four areas: policies, communications, procedures, and monitoring. Each of the principles have defined criteria (controls) which must be met to demonstrate adherence to the principles.
The audit includes a full assessment of:
- Security: Data centers are protected against unauthorized access (both physical and logical).
- Availability: Data centers are available for operation and use as committed or agreed.
- Processing integrity: Processing is complete, accurate, timely and authorized.
- Confidentiality: Information designated as confidential is protected as committed or agreed.
- Privacy: Personal information is collected, used, retained, disclosed and destroyed in conformity with privacy principles issued by the AICPA and the Canadian Institute of Chartered Accountants (CICA).
Planview Enterprise was recently rated as Enterprise-Ready by SkyHigh’s CloudTrust program.
For more information about SOC 2 audits, formerly known as SAS70, visit American Institute of Certified Public Accountants.