Nordis Direct, a provider of high-tech direct marketing and communications solutions, announced today that it has undergone a Service Organization Control 1SM (SOC 1SM) examination resulting in a CPA’s report stating that the management of Nordis Direct maintained effective controls of its direct marketing and critical document management solutions (Expresso) data infrastructure. The examination was performed by Chinye & Company, CPA, PA.
A SOC 1 SM report is designed to meet the needs of existing or potential customers who need assurance about the effectiveness of controls at a service organization that are relevant to the security, availability, or processing integrity of the system used by the service organization to process customers’ information, or the confidentiality or privacy of that information.
“Our SSAE 16 certification SOC 1report has shown that we have the appropriate controls in place to mitigate risks related to security, availability, processing integrity, confidentiality and privacy of our Direct Marketing and Expresso data infrastructure,” said Diego Samuilov, VP Information Technology.
“By demonstrating the establishment of control objectives and effectively designed control activities, the SOC 1report reinforces Nordis Direct’s corporate commitment to value, reliability, security and quality, to prospective customers and business partners, stated Ronnie Selinger, President and CEO of Nordis Direct.
The following principles and related criteria have been developed by the American Institute of CPAs (AICPA) and the Canadian Institute of Chartered Accountants (CICA) for use by practitioners in the performance of trust services engagements:
- Security. The system is protected against unauthorized access (both physical and logical).
- Availability. The system is available for operation and use as committed or agreed.
- Processing integrity. System processing is complete, accurate, timely and authorized.
- Confidentiality. Information designated as confidential is protected as committed or agreed.
- Privacy. Personal information is collected, used, retained, disclosed and destroyed in conformity with the commitments in the entity’s privacy notice and with criteria set forth in generally accepted privacy principles issued by the AICPA and CICA.
Current and prospective customers interested in a copy of our SOC 1SM report may send requests to info@nordisdirect.com.