Information Technology Services SOC 2 Case Study

Schneider Downs completed a Service Organization (SOC) Type 2 report for a leading SaaS provider that empowers retailers and manufacturers to drive new product success by introducing the right new products at the right price.  The client offers a cloud-based software solution that gives retailers and manufacturers insight into expected product performance and optimal entry price points for new items that have no sales history, all within 48-72 hours.  Retailers and brands use the solution to develop, select, and price more winning products.

The client uses a scalable platform that enables thousands of consumers to evaluate hundreds of new products through online games that are presented via social media, websites, emails, and on mobile devices.  The predictive analytic solution filters and weighs consumer input, ensuring that clients are listening to the right consumers.  The results have been 3%-9% gains in sales and margin dollars for all customers. The Chief Technology Officer shared her thoughts with Schneider Downs on the SOC 2 Type 2 report:

Why is the SOC 2 Type 2 report valuable from you customers’ perspective?information-technology-services-soc-2-report-ssae-16

Because we are a SaaS solution, it is important for our customers to know we have sufficient controls in place to ensure that we are managing the information they provide us in a secure and business-appropriate manner.  The SOC 2 principles and criteria provide a standard framework for us to demonstrate evidence of our controls without our customers have to conduct their own due diligence audit on our systems.

How has the SOC 2 report process added to the Security and Processing Integrity of your SaaS offering?

It mobilized our company to this about the best practices for managing inputs into our solution, monitoring consumer engagement activities, and producing customer results from our systems, and to develop Policies and Procedures that encourage those best practices and mitigate risk.  The Policies and Procedures related to Security and Processing Integrity we have developed have also simplified new hire training, as it was easier to develop training materials and track compliance.

Can you describe your experience with Schneider Downs?

Schneider Downs was professional and knowledgeable and worked with us from a point of view wanting us to succeed.  They worked hard to understand our business and worked with us to develop controls that made sense for our company.  The challenged us when necessary and they helped us ultimately build a framework that made us better as a company.  I look forward to working with them again on the next testing phase.

Register to receive our weekly newsletter with our most recent columns and insights.

Have a question? Ask us!

We’d love to hear from you. Drop us a note, and we’ll respond to you as quickly as possible.

Ask us

contact us

Map of Pittsburgh Office
Pittsburgh

One PPG Place, Suite 1700
Pittsburgh, PA 15222

contactsd@schneiderdowns.com
p:412.261.3644     f:412.261.4876

Map of Columbus Office
Columbus

65 East State Street, Suite 2000
Columbus, OH 43215

contactsd@schneiderdowns.com
p:614.621.4060     f:614.621.4062

Map of Washington Office
Washington, D.C.

1660 International Drive, Suite 600
McLean, VA 22102