Vestmark

Request a Demo
Press Release < Back to Press & Events

Successful Completion of SOC Audits Demonstrates Vestmark's Ongoing Commitment to Clients' Data Security

For the Fifth Consecutive Year, Vestmark Conducts Audits on Information Security and Accounting Controls and Processes for VestmarkONE® SaaS Platform, as well as Outsourced Services Offering

WAKEFIELD, Mass., April 1, 2020 /PRNewswire/ -- Vestmark announces that it has successfully completed two versions of the Statement on Standards for Attestation Engagement No. 18 (SSAE 18) Type II examination, which test an organization's controls and processes related to data security and accounting.

The SSAE 18 Type II exam, also known as Service Organization Control (SOC) 1 Type II, and the SOC 2 Type II audit, were conducted on both Vestmark's software-as-a-service (SaaS) platform, VestmarkONE®, and its outsourced service offering. The audits were performed by the assurance solutions and compliance firm Skoda Minotti for the fifth consecutive year. As a result of these audits, Vestmark received Service Auditors' Reports demonstrating its procedures, controls, and infrastructure met or exceeded the SOC 1 and 2 criteria for data protection, confidentiality, security, and operational efficiency.

"It is vital that our customers have peace of mind that the confidential information they entrust to us is fully protected," said Charles D. Johnson, Chief Information Officer of Vestmark. "Vestmark is committed to continuously focusing on this area as a firm, and we continue to expand the complexity of the audits we undertake in order to ensure our internal controls and procedures remain on the cutting edge."

SOC 1 and SOC 2 are internationally recognized auditing standards developed by the American Institute of Certified Public Accountants (AICPA). The SOC 1 examination for a SaaS platform validates the data integrity of the system for user organizations. This provides clients with the confidence that their data is secure and accurate. The scope of the review includes controls and procedures related to the secure storage, handling, software development, change management, and transmission of data. Vestmark's audited functions included network connectivity, firewall configuration, disaster recovery, database access, data backup, and fire suppression.

The SOC 2 examination focuses on controls and procedures related to compliance and operations, in accordance with the AICPA's Trust Services criteria. The AICPA Trust Services criteria serve as an industry standard in data security, which validates that Vestmark has a vested interest in maintaining world-class information security.

"Since Vestmark first sought us out to perform these rigorous SOC examinations five years ago, we have been consistently impressed with the firm's best-in-class technology and business infrastructure," said Ben Osbrach, CISSP, CISA, QSA, Partner-in-Charge of the Risk Advisory Group at Skoda Minotti. "With SaaS platforms and business outsourcing services becoming more commonplace in financial services and other industries, it is crucial for organizations like Vestmark to demonstrate they have strong accounting controls as well as the capabilities to safeguard confidential data. Vestmark continues to maintain one of the most robust data security programs in the industry, supported by excellent operational controls."

SOC reports have become increasingly vital under Sarbanes-Oxley regulations, which require companies to ensure their third-party service providers have adequate internal data security and accounting controls. Vestmark customers can use the firm's Service Auditor Reports to demonstrate Sarbanes-Oxley compliance, as well as compliance with Health Insurance Portability and Accountability Act (HIPAA), Gramm-Leach-Bliley Act (GLBA), and ISO 27001 regulations.

Back to Press & Events


About Vestmark

Headquartered in Wakefield, Mass. and founded in 2001, Vestmark is a leading provider of portfolio management solutions and outsourced services for financial institutions and their advisors, enabling them to efficiently manage customized client portfolios through an innovative technology platform. Supporting over $1.5 trillion in assets and 5.5 million accounts, Vestmark is a partner to some of the largest and most respected wealth management firms. For more information about Vestmark’s solutions, call (781) 224-3640 or visit www.vestmark.com.

Media Contact

Elizabeth Shim
Haven Tower
(424) 317-4861
eshim@haventower.com

©2024 Vestmark, Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission is prohibited. Vestmark, VAST, and the Vestmark icon are registered trademarks. Other trademarks contained herein are the property of their respective owners. Vestmark believes that the information in this publication is accurate as of its publication date; such information is subject to change without notice.

Vestmark Advisory Solutions, Inc. (“VAS”), a wholly-owned subsidiary of Vestmark, Inc., is an investment advisor registered with the U.S. Securities and Exchange Commission (“SEC”). VAS acts as a paid sub advisor and/or overlay portfolio manager offering VAST and tax optimization services. Registration does not imply a certain level of skill or training. VAS has its principal place of business in Wakefield, MA. Investing involves risk. The value of an investment will fluctuate over time, and an investor may gain or lose money. Past performance is no guarantee of future returns and individual investor results will vary. Please consult our full disclosure document for a discussion of risks related to the services provided by VAS.