Black Box Completes SOC 2 Examination
March 2022 by Marc Jacob
Black Box announced that it has completed its System and Organization Controls (SOC 2®) examination relevant to its information security practices, policies, procedures and operations. SOC 2 is a compliance standard developed by the AICPA (American Institute of CPAs) specifying how organizations should manage data from customers.
For a SOC 2 examination, an independent service auditor evaluates and verifies the suitability and effectiveness of a service provider’s controls related to security, availability, processing integrity, confidentiality and privacy. Those five areas, known as AICPA’s "trust service criteria," are all critical factors in providing overall assurance around business services.
The SOC 2 examination indicates that Black Box has defined operations, policies and procedures covering all requisite aspects of security, availability, processing integrity, confidentiality and privacy. This includes management oversight of critical parameters that are important to business operations, and team ownership for important areas, such as regularly monitoring for malicious or unrecognized activity, risk footprint, and appetite; security technology strategy and system configuration changes; access controls; and business continuity and disaster recovery plans.
The SOC 2 examination is carried out through an annual external audit. Black Box first achieved SOC 2 compliance in 2020.