Experiences refined for people
Data and information security are the backbone of trust in our digital world. That’s why, at KORTX, we proactively safeguard clients’ and customers’ sensitive information. Whether we’re gathering First-Party data in Axon or handling your billing info, KORTX protects your data.
Our journey through the meticulous SOC 2 Audit process clearly demonstrates this commitment. Dive in as we share our experience, reinforcing our pledge to uphold the highest data security and integrity standards.
At a high level, a SOC 2 audit is intended to test a company’s internal control environment to give an opinion of whether an organization can achieve its service commitment and requirements. For KORTX, we tested our controls specifically for the security trust criteria. The process leading up to the SOC 2 audit primarily involved documentation of all internal controls surrounding data security. An organization’s internal control policies and procedures must align with trust services criteria defined by the AICPA. This process can be time consuming, but once completed, the SOC 2 audit is relatively quick and painless.
Data security and privacy are fundamental to earning and maintaining the trust of our clients and their customers. Safeguarding sensitive information is not just a regulatory requirement but a critical aspect of business integrity.
Our commitment to data security and privacy ensures that all information entrusted to us is handled with the utmost care and responsibility. This commitment is central to our operations, fostering strong relationships with our clients, and upholding our reputation in the market.
Data security is always evolving at KORTX.
“As our technology and products evolve, so does our approach to data security. It’s not just about compliance; it’s about innovatively adapting to protect our client’s data in an ever-changing digital landscape. Our commitment to data security grows with every advancement we make.”
Our decision to pursue a SOC 2 audit was driven by our commitment to data security and a desire to formalize our existing practices. Over the years, we’ve built a robust information security policy and implemented strong internal controls.
The SOC 2 audit was a natural next step. This audit was a proactive measure to validate our efforts and assure our clients, especially in sensitive sectors like healthcare and finance, of our capabilities. The project allowed our team to formalize and polish procedures that were already in place across various departments like HR, finance, and engineering.
It’s about more than compliance; it’s about demonstrating our ongoing dedication to protecting data and maintaining a secure environment.
What did you learn from the audit process?
“Delving into the SOC 2 audit was a refreshing change from my usual accounting tasks. It gave me a unique opportunity to learn about the intricacies of data security – a whole new industry for me. This experience has been an exciting departure from everyday financial work.”
Our SOC 2 journey spanned the better part of six months, focusing on a thorough gap analysis and enhancing our robust security measures. We diligently worked across departments to formalize and document our procedures, culminating in an efficient audit that underscored our unwavering commitment to data security.
We officially received our SOC 2 report on October 31, 2023.
Heading into 2024, KORTX is dedicated to advancing data security, building on our SOC 2 compliance. We’re committed to annual SOC 2 audits and evolving security controls as our systems grow. This approach is part of our promise to lead the industry in data security while innovating our products and services and ensuring trusted solutions for our clients.
About the Author
Mike Porter has been the Head of Finance at KORTX for the past five years. When he’s not crunching numbers, he’s getting the best value for his greens fees by consistently taking more shots than all the other golfers on the course.
Here’s what we've been up to recently.
From us to your inbox weekly.
