Computer Guidance Corporation Successfully Passes SOC 2 Type II Audit For Its Cloud Hosting Systems, Services and Associated Processes Assurance provided by CliftonLarsonAllen, LLP in Accordance with Attestation Standards Established by the American Institute of Certified Public Accountants

Computer Guidance Corporation, the leading developer of Cloud-based ERP software solutions for the construction industry, today announced receipt of its annual System and Organization Control (SOC) 2 Type II attestation engagement report (audit) for the eCMS Hosting Service system that was designed and implemented throughout the period October 01, 2017 to September 30, 2018.

The trust services report provides independent validation that Computer Guidance Corporation’s security, availability and confidentiality controls operated in accordance with the American Institute of Certified Public Accountant (AICPA) applicable Trust Services Criteria (TSC) as a result of an examination of the description of a service organization’s system and the suitability of the design and operating effectiveness of controls involving a number of factors outlined in the audit report.

SOC2 Audit DiagramThe audit reviewed several processes and procedures that have been implemented by Computer Guidance to proactively manage the cloud environments that host the eCMS system, associated Tier III data centers, including:

  • eCMS Hosting Services System based on the criteria set by the AICPA Guide Reporting on Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality, or Privacy (SOC 2®)
  • The suitability of the design and operating effectiveness of controls to meet the criteria for the Security, Availability, and Confidentiality Trust Principles set forth in TSP section 100, Trust Services Criteria, and Illustrations for Security, Availability, Processing Integrity, Confidentiality, and Privacy (AICPA, Technical Practice Aids) throughout the period.

“Computer Guidance Corporation’s commitment to strong internal controls supporting its service commitments and system requirements in regard to their cloud-based hosted system solutions and services is evident in this report,” stated Mark Eich, Partner In Charge of Information Security Services, CliftonLarsonAllen, LLP. “Computer Guidance Corporation’s successful completion of this audit for the past seven years demonstrates its integrity, accountability, and commitment to its clients, partners, and industry. Computer Guidance customers can be confident that controls described within the report are accurately depicted and were operating as represented during these engagement periods.”

“The successful completion of our SOC 2® Type II examination audit provides Computer Guidance’s clients with the assurance that the controls and safeguards we employ to protect and secure their data, systems, and cloud hosting environments are in line with industry standards and best practices,” stated Bob Shantz, Director of Infrastructure and Cloud Services, Computer Guidance Corporation. “Computer Guidance strives for improvements in our controls and operating procedures year over year; ensuring a well-controlled and secured environment for our clients.”