Date: August 25, 2023
RealAdvice systems have been audited to System and Organization Controls (SOC) 2 Type I (financial processes and security) and SOC 2® Type II (technology and cybersecurity), demonstrating that we have been proven to maintain the highest standards of care, privacy, and security for our clients’ information.
Successful SOC 2® assessments are significant achievements and reinforce RealAdvice’s dedication to data safety and integrity. Due to very significant required investments in time, organization, and resources, it is unusual for companies to complete both Type I and Type II audits; however, the double assessment reflects the unusual nature of RealAdvice’s services that span both categories. RealAdvice’s SOC 2 reports verify that internal controls have been designed and implemented to meet the requirements for the security principles set forth in the Trust Services Principles and Criteria for Security under the American Institute of CPAs (AICPA) Service Organization Control reporting platform. It provides a thorough review of how the company’s internal controls affect the security, availability, and integrity of the systems it uses to process client data, and the confidentiality and privacy of the information processed by these systems. This independent validation of security controls is crucial for customers in highly regulated industries.
In addition to annual independent financial audits, RealAdvice is audited annually to maintain its SOC 2 Type I and Type II certifications.
A-LIGN (a nationally recognized certification firm registered with the AICPA) conducted the audit. A-LIGN is the only end-to-end cybersecurity compliance solutions provider with readiness to report compliance automation software paired with professional audit services, trusted by more than 4,000 global organizations to help mitigate cybersecurity risks. A-LIGN uniquely delivers a single-provider holistic approach as a licensed CPA firm to SOC 1 and SOC 2 Audit services, accredited ISO 27001, ISO 27701 and ISO 22301 Certification Body, HITRUST CSF Assessor firm, accredited FedRAMP 3PAO, authorized CMMC C3PAO, PCI Qualified Security Assessor Company, and PCI SSC registered Secure Software Assessor Company.
- RealAdvice: https://RealAdvice.com/Innovation
- A-Lign: https://A-Lign.com
- AICPA System and Organization Controls Criteria: https://www.aicpa-cima.com/resources/landing/system-and-organization-controls-soc-suite-of-services