Princeton Financial Systems announced the successful completion of the Service Organization Controls 2 (SOC2SM), Type 2 examination for the period October 1, 2011, through September 30, 2012, covering its eMIG21 investment compliance suite and ePAM investment accounting solutions. Princeton Financial is the first Software as a Service (SaaS) provider among its peer group to issue a SOC2, Type 2 controls report.
Established by the American Institute of Certified Public Accountants (AICPA), SOC2SM and its companion standard SOC1SM for financial reporting, replaced the Statement on Auditing Standards No. 70 (SAS70) as the official auditing framework for service organizations. The AICPA’s new guidelines entitled, Reporting on Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality, or Privacy (SOC2SM), expands the opportunities for service organizations to provide attest reports over areas outside of financial reporting, such as compliance with laws and regulations or the efficiency and effectiveness of operations.
SOC2, Type 2 engagements cover how Princeton Financial addresses criteria established by the AICPA related to compliance or operations, including security, availability, processing integrity, confidentiality, and privacy (also know as the Trust Service Principles). “Princeton’s ability to publish a report at first attempt reflects the strength in its controls and the commitment across its organization to perform at a level that meets and exceeds customer expectations regarding our services addressed by SOC2 criteria,” states Michael Dahl, Chief Legal Officer of Princeton Financial Systems. “This achievement is a benefit to both Princeton and its clients. We have made significant investments in our infrastructure, systems and training, which enables us to help clients better understand internal controls in their service organizations. We are proud to be among the first of our peers to successfully complete the service audit,” adds Dahl.