Compliance

SOC 2 Type II report affirms our commitment to security and excellence.

As your data security partner, IntelliCredit prioritizes the protection of sensitive financial information which is core to what we do. That's why we've implemented robust processes, procedures, and controls, and undergo rigorous annual, independent audits, including our System and Organization Controls (SOC) 2 audit examination. This ensures our practices align with industry best standards and protect the confidentiality of your institution's data.

The SOC 2 audit provides an independent, third-party assessment on the security of our digital environment. The resulting report assures our financial services customers that our processes, systems and controls are of the highest quality and meet the stringent SOC 2 security and privacy standards set by the American Institute of Certified Public Accountants (AICPA).

Why did we undergo a SOC 2 exam?

Completing a SOC 2 examination is an extensive process that demonstrates IntelliCredit’s commitment to data security and our preparedness for the challenges of the evolving cybersecurity landscape.

“IntelliCredit realizes the enormity of the challenges financial services organizations face in keeping up with escalating data and system security breaches. We are pleased that our SOC 2 Type II report demonstrates that we have the appropriate controls in place to govern the security of our clients’ data and mitigate the risks related to the loan review, due diligence, and other consulting services we provide,” said David Ruffin, Principal.

What is a SOC 2 report?

Obtaining a SOC 2 report is a trusted way for IntelliCredit to provide our customers with an independent assessment of the security of our digital environment. The examination is conducted by an accredited third-party auditor and the resulting CPA's report serves as a tool to demonstrate that IntelliCredit's internal controls governing the security of our clients', partners' and stakeholders' data are properly designed, implemented and maintained.

The SOC 2 report provides a valuable tool for current and potential stakeholders to assess risk by giving them a closer look at the policies and procedures IntelliCredit put in place to ensure our organization’s services are provided safely and reliably.

What does a SOC 2 report cover?

SOC 2 examinations must be performed by accredited CPA firms under the standards defined by SSAE 18. An independent auditor tests the effectiveness of the internal controls outlined by the reviewed organization, then maps those controls to one or a combination of the Trusted Services Criteria established by the American Institute of Certified Public Accountants (AICPA).

The IntelliCredit SOC 2 Type II report criteria Includes:

• Security: The systems are protected against unauthorized access (both physical and logical).
• Availability: The systems are available for operation and use as committed or agreed.
• Confidentiality: Information designated as confidential is protected as committed or agreed.

For clarification, SOC 2 Type II reports examine controls over a period of time, usually between three and 12 months, in contrast to a SOC 2 Type I report which examines controls at a single point in time. IntelliCredit’s SOC 2 Type II report is comprehensive and shows the effectiveness of our infrastructure in keeping our data and our clients’ data safe.

Where to go for more information.

Current and prospective customers interested in obtaining a copy of IntelliCredit's latest SOC 2 report can do so after signing a Non-Disclosure Agreement (NDA). To initiate this process, please email Debbie Walker at debbie.walker@qwickrate.com.

Our auditor, BARR Advisory, has provided a detailed breakdown on how to read a SOC 2 report, including where to find the most important and relevant information for your situation.