News

Andesa Successfully Completes 2022 SOC 1®, SOC 2®, and SOC 3® Examinations

Written by: Andesa Services

Allentown, PA, October 27, 2022

Andesa, a leading policy lifecycle solutions provider for the life insurance and annuities industry, announced today the successful completion of its annual Service Organization Control (SOC) examinations for 2022.  The SOC examinations were conducted according to attestation standards created and managed by the American Institute of Certified Public Accountants (AICPA). The AICPA has established three, distinct SOC examination engagements – SOC 1®, SOC 2® and SOC 3®.

Andesa has delivered the following reports to its clients:

  • SOC 1®/Type II report – A restricted distribution report that examines the design and operating effectiveness of Andesa’s controls. This report addresses Andesa’s Administration System for Processing Insurance Policy, Plan Values, and Transactions related to financial reporting.
  • SOC 2®/Type II report – A restricted distribution report that examines the design and operating effectiveness of Andesa’s controls as they relate to Security and Availability. This means that Andesa can feel confident in the secure design and operating effectiveness of the Andesa platforms, which successfully passed the rigorous security verification process.
  • SOC 3® report – An unrestricted distribution summary report issued upon successful completion of SOC-2/Type II.

Developed by the American Institute of Certified Public Accountants (AICPA), SOC 2® compliance is widely recognized as a gold standard for data security and requires companies to establish and follow strict information security policies and procedures.

Andesa retained an independent public accounting firm for its SOC audit work.  The audits included an examination of Andesa’s policies and procedures, system development lifecycle, data centers, logical access, backup and disaster recovery, and other critical operational areas.  Upon the completion of the audits, Andesa received an unqualified opinion demonstrating that their infrastructure, policies, and procedures meet or exceed the strict SOC 1® and SOC 2® criteria.  Because SOC 1® and SOC 2® independently verify the effective design and operation of Andesa’s control activities and processes, Andesa’s clients can be assured that the highest level of internal controls and security are established and maintained.

“Our successful completion of the SOC 1® Type II audit signifies that Andesa considers business processes and the security of our clients’ data top priorities, as well as reaffirms our position as an industry leader.  We’re also proud that our SOC 2® Type II report demonstrates that our controls in place to mitigate risks related to security, availability, and confidentiality are appropriate and functioning according to their design. Andesa understands the importance of data privacy and data security in every client experience across all our offerings.  We continue to invest in ensuring the security and availability of our services,” said Jacqueline Hunter, Enterprise Risk Management Officer and General Counsel.

About Andesa
Andesa is a leading, employee-owned provider of policy lifecycle solutions for the life insurance and annuities industry that offers modern cloud-based systems for transaction management and recordkeeping.  Through flexible end-to-end lifecycle management solutions, a commitment to data security, and decades of market and product expertise, we help carriers, brokers, key stakeholders, and participants pursue strategic sales opportunities and successfully navigate market change. For more information on Andesa, please visit www.AndesaServices.com or follow us on Twitter @AndesaServices

Contact:

Kerianne Geist
Marketing Manager
Andesa Services
[email protected]
610-841-9510

Follow the Andesa Blog

"*" indicates required fields

Any Questions?