Planview Enterprise Completes Cloud Security Audit SOC Type II
The audit serves as an important verification for Planview’s cloud customers as the software meet tough requirements for security, availability confidentiality, and privacy.
Planview® has announced that its cloud-based portfolio and resource management solution Planview Enterprise has successfully completed the Service Organisation Control 2 Type II audit. The audit serves as an important verification for Planview’s cloud customers as the software meet tough requirements for security, availability confidentiality, and privacy.
The SOC 2 Type II audit is a verification that the solution matches the criteria defined by the American Institute of Certified Public Accountants (AICPA) in their Trust Services Principles for security and availability.
“Data security and availability is a key priority for us as our customers use Planview Enterprise to optimise their resources and work,” said Planview Chief Information Officer Jerry Sanchez. “The SOC 2 Type II audit serves as a strong proof point of safeguarding our customers’ data and privacy.”
The Service Organisation Control 2 Report is performed in accordance with AT 101, requirements for non-financial reporting by Certified Public Accountants, and based upon the Trust Services Principles. The principles predefine criteria for vendors and business owners, making it easier to know what compliance needs are required and how to evaluate cloud solutions. The principles are based on four areas: policies, communications, procedures, and monitoring. Each of the principles have defined criteria (controls) which must be met to demonstrate adherence to the principles.
The audit includes a full assessment of:
- Security: Data centers are protected against unauthorized access (both physical and logical).
- Availability: Data centres are available for operation and use as committed or agreed.
- Processing integrity: Processing is complete, accurate, timely and authorised.
- Confidentiality: Information designated as confidential is protected as committed or agreed.
- Privacy: Personal information is collected, used, retained, disclosed and destroyed in conformity with privacy principles issued by the AICPA and the Canadian Institute of Chartered Accountants (CICA).
Planview Enterprise was recently rated as Enterprise-Ready by SkyHigh’s CloudTrust program.
This article was originally posted “Planview Enterprise Completes Cloud Security Audit SOC Type II” from Cloud Strategy Magazine.