Johnson & Quin Achieves SOC 2 Compliance
Johnson & Quin, a full-service provider of direct mail production and mailing services, announced successful completion of its 2019 SOC 2 Type 2 examination. The company initially completed its SOC 2 Type 1 examination in 2018.
Completing the examination “verifies that our security processes are consistent, ongoing and sustainable,” explained Manish Haria, VP, CISO and CIO for Johnson & Quin. “Putting a compliance framework in place and having it audited by independent third parties keeps us secure.”
Johnson & Quin’s efforts allow them to demonstrate a substantially higher level of assurance and operational visibility than companies that have not undergone annual SOC 2 examinations. As a provider of high-volume, complex communication programs that require both personalized and variable data printing, this reassurance is crucial for the company and its clients.
“Johnson & Quin processes millions of records of consumer data each year for our clients, including many financial services, insurance, retail and other industries. It is essential that our handling of their data meets the top security and compliance guidelines not just most of the time, but on an ongoing and consistent basis so that our clients are confident in the safety of their data and marketing materials,” stated Kay Wilt, Director of Marketing.
Many customers request the company’s SOC report as a condition of doing business. The successful examination allows Johnson & Quin to reassure its clients that the company is continuously monitoring its security procedures and investing in critical compliance initiatives.
“Many clients in the financial and other industries require that their marketing service providers have security procedures and processes that have been audited by outside authorities,” Wilt noted. “It certifies that we do have the controls in place to manage our clients’ data securely on an ongoing basis.”
All examination efforts were completed by the professional and independent third-party audit firm, 360 Advanced, Inc.
“360 Advanced helped us understand the compliance requirements based on the type of sensitive data we handle,” Haria noted. “They worked on understanding our business services, as well as the security that was in place to protect the information. [Their] approach to looking at controls was always both risk-based and compliance-based.”
As part of the examination, Johnson & Quin was measured against the AICPA Trust Services Criteria for Security. With third-party assurance that these criteria have been met, the company can continue delivering direct mail programs, while assuring that its clients’ information will remain secure.
The preceding press release was provided by a company unaffiliated with Printing Impressions. The views expressed within do not directly reflect the thoughts or opinions of the staff of Printing Impressions.