ESR SOC 2® Report
The Employment Screening Resources (ESR) SOC 2® Type II Report – which is conducted annually – confirms ESR meets high standards set by the American Institute of Certified Public Accountants (AICPA) for protecting the privacy, security, and confidentiality of consumer information used in the background check process. NDB Accountants & Consultants LLP (NDB), a nationally recognized Certified Public Accounting (CPA) firm specializing in regulatory compliance and consulting services, performed the examination and issued the SOC 2 report.
SOC (Service Organization Control) Reports are conducted using stringent criteria established by the AICPA. These internationally recognized standards address technological advances and associated risks including cloud services not covered in the now retired SAS 70 standards. The principles and criteria used in ESR’s SOC 2 audit were developed by the AICPA and the Canadian Institute of Chartered Accountants (CICA) for use by practitioners in trust services engagements:
- Privacy: Personal information is collected, used, retained, disclosed, and destroyed in conformity with the commitments in the entity’s privacy notice and with criteria set forth in Generally Accepted Privacy Principles (GAPP) issued by the AICPA and CICA.
- Security: The system is protected against unauthorized access (both physical and logical).
- Confidentiality: Information designated as confidential is protected as committed or agreed.
The SOC 2 Type 2 report is becoming increasingly important to ESR’s existing and potential customers seeking assurance about the effectiveness of controls related to the privacy, security, and confidentiality of consumer information used to process background checks. Financial institutions require it, and publicly traded larger private companies are frequently asking for a SOC 2 report before selecting an outsourced service organization like ESR.