Employment Screening Resources Announces Completion of 2015 SOC 2 Type 2 Data Security Audit

SOC2-Logo_Revised

Written By Employment Screening Resources (ESR)

Employment Screening Resources® (ESR), a leading nationwide accredited background screening firm, has announced that independent auditors conducted a Service Organization Control (SOC) 2® examination of its operations for the six month testing period of January 2015 through June 2015 and issued a SOC 2® Type 2 report stating that ESR management maintained effective controls over the security, confidentiality, and privacy of its employee screening system and related data.

This annual, comprehensive, and independent examination ensures that ESR meets the current high standards set by the American Institute of Certified Public Accountants (AICPA) to protect customer and third-party information. NDB Accountants & Consultants LLP (NDB), a nationally recognized CPA firm specializing in regulatory compliance and consulting services, performed the examination and issued the report.

Having a SOC 2® Type 2 report to review is becoming increasingly important to ESR’s existing and potential customers seeking assurance about the effectiveness of controls related to the security, confidentiality, and privacy of the systems and information used by ESR to process the background check orders of customers. Financial institutions require it, and publicly traded as well as larger private companies are frequently asking for a SOC 2® report before selecting an outsourced service organization like ESR.

“We are pleased that our annual SOC 2® Type 2 report has once again shown that ESR has appropriate controls in place to secure and protect our systems and databases,” said Brad Landin, ESR’s President. Landin further stated: “ESR undergoes annual SOC 2® Type 2 audits to demonstrate our competency in protecting confidential and personally identifiable information of our clients and their employees from unauthorized access and use. This growing concern in today’s digital world needs to be addressed head-on, and ESR is committed to protecting any and all information we use in our background screening services.”

The SOC 2® Type 2 examination of controls at ESR was conducted using stringent criteria established by the AICPA. These internationally recognized standards address technological advances and associated risks including cloud services not covered in the now retired SAS 70 standards. The following principles and related criteria used in ESR’s SOC 2® examination were developed by the AICPA and the Canadian Institute of Chartered Accountants (CICA) for use by practitioners in the performance of trust services engagements:

  • Security: The system is protected against unauthorized access (both physical and logical).
  • Confidentiality: Information designated as confidential is protected as committed or agreed.
  • Privacy: Personal information is collected, used, retained, disclosed, and destroyed in conformity with the commitments in the entity’s privacy notice and with criteria set forth in Generally Accepted Privacy Principles (GAPP) issued by the AICPA and CICA.

Employment Screening Resources® (ESR) – “The Background Check Authority®” – is accredited by the National Association of Professional Background Screeners (NAPBS), a distinction held by a small percentage of screening firms. ESR is also PCI Compliant and Safe Harbor certified. ESR’s Founder and CEO Attorney Lester Rosen literally wrote the book on background checks with “The Safe Hiring Manual.”

The ESR SOC 2® Audit Report confirms ESR meets standards set by the AICPA to protect the security, confidentiality, and privacy of consumer data used for background checks. Current and prospective customers wanting more information about ESR’s SOC 2® Type 2 report may email info@esrcheck.com. Additional information is available at www.esrcheck.com/SOC-2/.

© 2015 Employment Screening Resources® (ESR) – Making copies or using of any part of the ESR News Blog or ESR website for any purpose other than your own personal use is prohibited unless written authorization is first obtained from ESR.