In cloud application environments, customers often ask about the security controls and operational aspects around how the vendor – in this case RSA – hosts and manages its SaaS application. The industry standard best practice for presenting this information is the Service Organization Control (SOC) certification. RSA SecurID Access has achieved Type II, Service Organization Control 2 assessment on controls (known as SOC 2 Type II). The examination was performed by an independent CPA firm for the scope of service described below.
Examination Scope: RSA SecurID Access
Selected SOC 2 Trust Service Principles (TSPs): Security, Availability, and Confidentiality
Examination Type: Type II
Review Period: October 1, 2016, to March 31, 2017
How can I obtain a copy?
The report is available upon request by reaching out to your RSA contact.