CEDAR achieves all requirements of SSAE 16 SOC 2 with zero adverse findings

March, 2017 Atlanta, GA. CEDAR Document Technologies (CEDAR), a leading provider of hosted Customer Communication Management (CCM) and direct-to-consumer (D2C) servicing and payment solutions, announced that it has achieved SSAE 16 SOC 2 certification during Q4 2016. The certification is necessary for companies such as CEDAR that engage in business with financial services clients, especially in the banking, insurance, lending and finance industries.

The achievement marks the third year in a row CEDAR was certified at the SOC2 level with no adverse findings in the annual audit, performed by Grant Thornton.
SSAE 16, or The Statement on Standards for Attestation Engagements 16 regulation, was created by the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (AICPA). SSAE 16 (Service Organization Control) 2 certification, performed annually, broadly evaluates a company’s information systems based on SSAE’s five Trust Principles.

Those include:
Security: The system is protected against unauthorized access (both physical and logical).
Availability: The system is available for operation and use as committed or agreed.
Processing Integrity: System processing is complete, accurate, timely, and authorized.
Online Privacy: Personal information obtained as a result of e-commerce is collected, used, disclosed, and retained as committed or agreed.
Confidentiality: Information designated as confidential is protected as committed or agreed.

“We at CEDAR believe in full transparency with our auditors to ensure that we get as much guidance to improve our security posture as possible while also demonstrating our commitment,” said Eric Bray, Chief Information Officer for CEDAR. “We believe that this openness, both within our organization and with our auditors, is the only way to address any potential issues before they are problems. We look forward to making 2017 the fourth year with no findings.”

During a six-month window in 2016, Grant Thornton reviewed all of the company’s processes and required evidence for the testing period. The auditor randomly picked specific criteria, events and policies to make sure everything met SSAE 16 SOC 2 guidelines. Part of the audit was performed on-site at CEDAR and part of the information was provided in advance.

When doing business with certain types of financial services clients, SSAE SOC 2 certification is required. “Our customers expect it of us, our customers expect it of our vendors so we also audit our supporting vendors for the same,” Bray said.


About CEDAR Document Technologies (CEDAR)
CEDAR Document Technologies is a leading provider of hosted Customer Communication Management (CCM) and direct-to-consumer (D2C) servicing and payment solutions. CEDAR’s services include: real time and bulk data integration; comprehensive thin client content management tools; integrated delivery preference, composition and delivery services; centralized document and data archival; ACH and card payment services; and extensive API, reporting and dashboard services. Most importantly, the CEDAR CCM and D2C platforms provide a single source for all consumer activity for customers, marketing and support. www.cedardoc.com

Questions about CEDAR Document Technologies? Give us a call at (770) 395-5060 or email us at sales@cedardoc.com.

No comments yet.

Leave a Reply