Table of contents
Wilmington, Mass.— TraceLink Inc., the leading digital network platform company, announced today that it has successfully completed its System and Organization Controls (SOC) 2 Type II and International Standard on Assurance Engagements (ISAE) 3000 examination with zero exceptions or disclosures noted.
This independent audit and attestation means that TraceLink meets or exceeds industry standards for security, availability, and confidentiality Trust Service Criteria and recognizes that the company is compliant with leading industry standards for service providers managing enterprise data.
“This is an important announcement for us because it underscores our unwavering commitment to the highest standard of security and operational performance. SOC 2 Type II / ISAE 3000 provides trusted visibility and transparency to the breadth of our controls for operations and compliance,” said Shabbir Dahod, President and CEO of TraceLink. “Our customers can have confidence in our hosting of their mission critical information and confidential data. It is a point of pride for our team and gives our customers and partners assurance that we have integrated security best practices throughout our services.”
SOC 2 is a voluntary compliance standard for service organizations, developed by the American Institute of Certified Public Accountants (AICPA), which specifies how organizations should manage customer data. The requirements for SOC 2 Type II are more rigorous than for Type I because they include testing of the operating effectiveness of the controls for the selected Trust Services Criteria over a period of time, not merely design of controls on a specific date. Additional controls were included to ensure coverage with the ISAE 3000 framework for our international customers.
The SOC 2 / ISAE 3000 voluntary audit process was undertaken by TraceLink as part of its commitment to the best information and data security practices. To request a confidential copy of TraceLink’s SOC 2 Type II report, please email artifact-request [at] tracelink.com (artifact-request[at]tracelink[dot]com). TraceLink has also successfully completed its ISO/IEC 27001:2013 and ISO/IEC 27017:2015 audit and has been recertified.
ISO 27001:2013 is a risk-based set of information security requirements that require an organization to have a well-structured Information Security Management System (ISMS). ISO 27017:2015 provides guidance on the information security aspects of cloud computing, recommending the implementation of cloud-specific information security controls that supplement the guidance of the ISO/IEC 27002 and ISO/IEC 27001 standards.
TraceLink’s Information Security Management System (ISMS) has been independently verified to meet the requirements of both standards.
Further information on all of TraceLink’s certifications and attestations can be found here.
About TraceLink
TraceLink is the only business network creation platform for building integrated business ecosystems with multienterprise applications. Business networks are the foundation of an Industry 4.0 digitalization strategy that delivers customer-centric agility and resiliency of the end-to-end supply network leveraging the collective intelligence of an industry. TraceLink's OPUS Digital Network Platform enables speed of open innovation and implementation with a partner ecosystem for no-code and low-code development of solutions and applications.