Securing your data.

Client Outcomes

1. SOC reports come in three variations. SSAE18/SOC2 serves a unique purpose in supporting the needs of a provider’s customers from a data security standpoint.

   • SSAE18/SOC2 – The SOC2 report intends to describe, assess and validate controls that affect the security, availability, processing integrity, confidentiality and privacy of customers subscribed to the services of an external provider. A typical example is a co-location facility providing security controls for hosting services. Long View currently maintains an SSAE18/SOC2 Type II report.

2. SOC reports have two document categories; Type I or Type II.

   • Type I reports describe the providers operating controls and the suitability of their design.
   • Type II reports, the most common type of SOC report, contain all of the information included in a Type I but also audit the effectiveness of the controls over a defined period (typically three months to a year). Our report reflects a 1-year operating period; the maximum allowed.

We have specifically scoped our SSAE18 / SOC2 reports to include all the relevant controls that support our OnDemand Cloud and Managed IT Service offerings. An authorized third-party auditor organization conducts the audit for the Long View SOC2 Type II report, adhering to the American Institute of Certified Public Accountants (AICPA), AT801 and the International Standards for Assurance Engagements No. 3402 (ISAE 3402) guidelines. This report replaces the previous Statement of Auditing Standards No. 70 (SAS 70) report.