The Journey to SOC 2: Data Security Lessons and Benefits

Compliance, Insights

A New Link in the Secure Data Supply Chain

Note: This is the first in a series of blog posts Alliant will publish on its experiences achieving SOC 2 certification. You can download the entire series here.

Alliant recently received SOC 2 attestation for its real-time consumer data systems. The audit procedures by an independent third-party accounting firm were challenging, costly, and time-consuming, but ultimately rewarding.

The process involved multiple subject matter experts working laterally across Alliant’s business units. The reviews were rigorous, with extensive documentation requirements, but in the end, the process was valuable and the entire company developed a heightened awareness for security policies and procedures. It helped Alliant reaffirm across teams that data security and integrity is a competitive advantage — and the process itself challenged each team to actively think about and defend its data practices.

After a six month effort, Alliant is now a certified member of the secure data supply chain. Information entrusted to us from our cooperative members and partners is confirmed to be held securely and processed correctly.

Data and analytics information is sensitive, and Alliant believes that all data providers should be on the vanguard of obtaining security certifications — and should seek out partners that do likewise. This is a conversation management in every company that relies on consumer information to conduct business should be having.  And if you’re thinking seriously about putting your company through an information security audit, we are confident that the lessons we learned can help you too.

Download Full Article

This is the first in a series of blog posts Alliant will publish on its experiences achieving SOC 2 certification. You can download the entire series here.

*This post is provided for informational purposes only and is not legal advice. Each organization should work with qualified counsel to understand its obligations and opportunities for improved data quality and approved certifications.

Share This Post
Nicholas Godlove

Nicholas Godlove

Corporate Counsel, Corporate Communications