Cirrus Group LLC Expands Service Organization Controls (SOC 2) Type II Audit Validation
Cirrus Group LLC today announced that it has received global security compliance verification for Service Organization Controls SOC 2 Type II. Cirrus Group engaged the independent auditing services of Plante Moran PLLC which recently completed Cirrus Group LLC’s SOC 2 Type II examination, resulting in the CPA firm’s report stating that management of Cirrus Group maintains effective controls related to the Security, Availability and Confidentiality trust principals for its hosted Platforms and related internal processes and systems.
"At Cirrus Group, we are committed to providing our customers with the highest level of trust that their data will be secure, confidential and that the mission critical applications we provide will always be available,” said Michael Garrett, Chief Operating Officer for Cirrus Group. “The expansion of our auditing scope to a Type II methodology involves a much more comprehensive review process, covering several months each year. No other child care and afterschool program management system or parent engagement application has gone through such an ongoing extensive review to achieve similar third party validation."
A SOC 2 Type II goes beyond a Type I to further ensure that a service organization’s controls were operating as intended during the audit period. Additionally, a SOC Type II audit report includes a comprehensive description of the tests performed and the audit results of those tests.
About Service Organization Controls Auditing
A SOC 2 Type II report is designed to meet the needs of customers who want assurance on the controls at a service organization. These reports benefit customers by helping them better understand Cirrus Group LLC's internal controls related to these areas and provide valuable information needed to assess and address the risks associated with an outsourced service.
SOC 2 Reports on Controls at a Service Organization are examination engagements performed by an independent service auditor (CPA) in accordance with criteria developed by the American Institute of CPAs (AICPA) and the Canadian Institute of Chartered Accountants (CICA).
SOC 2 reports specifically address the performance of trust principles in one or more of the following five key attributes:
(i) Security - The system is protected against unauthorized access (both physical and logical);
(ii) Availability - The system is available for operation and use as committed or agreed;
(iii) Processing Integrity - System processing is complete, accurate, timely and authorized;
(iv) Confidentiality - Information designated as confidential is protected as committed or agreed;
(v) Privacy - Personal information is collected, used, retained, disclosed and disposed of in conformity with the commitments in the entity’s privacy notice, and with criteria set forth in Generally Accepted Privacy Principles (GAPP) issued by the AICPA and CICA.
About Cirrus Group, LLC
Cirrus Group LLC is a leading Software-as-a-Service (SaaS) provider of dynamic operational, financial and customer management solutions for childcare facilities, community education centers and school districts. Since 2002, Cirrus Group has provided their Daycare Works, SchoolCare Works and RecCare Works platforms, helping clients more efficiently manage their staff and resource scheduling and simplifying government compliancy requirements, including fully integrated and individualized state and local subsidy payments and food care program accounting (CACFP). Through Cirrus Group’s solutions, these facilities also build better relationships with customers by extending their brand to the web for classroom enrollments, accepting secure online payments and delivering personalized and multi-channel communications. For more information about the Cirrus Group platform of solutions, visit us online at www.CirrusGroup.com.