CIO Influence
CIO Influence News Networking Security

Regulatory Compliance Expert, Certrec, Successfully Completes ISO 27001 Surveillance Review and SOC 2 Type 2 Examination

Regulatory Compliance Expert, Certrec, Successfully Completes ISO 27001 Surveillance Review and SOC 2 Type 2 Examination
Third-Party Assessment Found Controls in Place for Successful ISO 27001 Re-certification.

Certrec, a leading licensing and regulatory compliance provider for NRC and NERC compliance, announced it has maintained its ISO 27001:2013 certification for the eighth consecutive year and has successfully completed its fifth SOC 2 Type 2 examination with no findings. Compliance with these standards demonstrate continued commitment to information security.

An independent, third-party audit found Certrec’s technical controls, formalized IT Security policies and procedures, and physical security measures and countermeasures to be compliant with the standards and best practices that qualify Certrec as a secure vendor. Obtaining the ISO certification and a SOC 2 Type 2 clean report demonstrates Certrec’s continued commitment to the security, availability, and integrity of all Certrec products.

Recommended ITech News: DirectAsia Goes Live with Sapiens Digital Core Upgrade, Introducing New Digital Partnerships and Distribution Channels

“Certrec’s successful completion of the ISO 27001 Surveillance Review and SOC 2 Type 2 Examination is an achievement that speaks to the organization’s commitment to not only security in general, but to the ongoing maintenance and continual improvement of their information security management system,” stated Grayson Taylor, Senior Manager at Schellman & Company, LLC. “As both assessments have information security as a prominent component, Certrec’s leadership continues to demonstrate their commitment to this core principle throughout their organization.”

“We take threats to the availability, integrity, and confidentiality of our clients’ information seriously,” asserts Ted Enos, President of Certrec. “Our clients are assured that our compliance tools, information storage solutions, and physical security are protected by comprehensive information security controls, risk management practices, and the prevention of IT architecture security risks.”

As technology evolves and cyber security threats become more prevalent, Certrec is committed to maintaining and exceeding its security standards.

Recommended ITech News: Fermín Serna Joins Databricks as Chief Security Officer

Certrec Founded in 1988, Certrec is a leading regulatory compliance and advanced on-line technology service provider. Certrec’s highly skilled, experienced industry professionals possess degrees in a variety of engineering disciplines—such as civil, electrical, mechanical, and nuclear—as well as in physics, communications, business, and information technology. This accomplished team has direct working experience in all regulatory areas of licensing, compliance, and engineering, including nuclear, fossil, and renewable generation and transmission. This combination of direct industry experience with our innovative information technology capabilities has led to the development of advanced, web-based technology solutions and tools that help our clients manage the regulatory process.

Certrec’s industry professionals have direct working experience in all regulatory areas of licensing, compliance, and engineering. This expertise, combined with Certrec’s Information Technology assets, gives the electric power industry technology-based solutions and tools designed specifically to help them manage regulatory issues.

Recommended ITech News: Persistent Cited as Leader in ISG Provider Lens Archetype Report on Next Generation Hybrid Cloud Services

Certrec’s significant expertise in all facets of the regulatory process includes the realm of NRC and NERC regulatory compliance. Its Office of NERC Compliance staff have helped more than 120 different generating facilities establish and maintain NERC Compliance Programs. Currently, Certrec provides the entire NERC compliance program for more than 45 registered sites located in the US and Canada who trust our ability to decrease their regulatory, operational, financial, and public opinion risk.

Certrec is ISO/IEC 27001 certified, ensuring that its web tools and facilities comply with an internationally recognized standard of best practices regarding business, cyber and physical security, and control. Also, Certrec successfully completed a SOC 2 Type 2 examination where the scope of Document Management and Regulatory Services was examined against the Trust Services principles of Security, Availability, and Confidentiality. Certrec is committed to undergoing similar annual examinations and audits to maintain or exceed current levels of service.

Recommended ITech News: Automation Anywhere Appoints New Chief Marketing Officer to Accelerate Cloud RPA Growth

Related posts

Wiz and Carahsoft Partner to Bring Industry-Leading Cloud Security Solutions to the Public Sector

GlobeNewswire

IBM Signs Strategic Collaboration Agreement with Amazon Web Services to Deliver IBM Software as-a-Service on AWS

ServiceNow Announces a Strategic Collaboration Agreement With AWS

Business Wire

Leave a Comment