Andesa Services, the leading provider of comprehensive, integrated Policy Administration, Plan Administration and Third-Party Administration solutions to life insurance, annuity carriers and producers, announced today the successful completion of its annual Service Organization Control (SOC) examinations. The SOC examinations were conducted according to attestation standards created and managed by the American Institute of Certified Public Accountants (AICPA). The AICPA has established three, distinct SOC examination engagements – SOC 1®, SOC 2® and SOC 3®.
Andesa Services has delivered the following reports to its clients:
- SOC 1®/Type II reports – A restricted distribution report that examines the design and operating effectiveness of Andesa’s controls. This report addresses Andesa’s Administration System for Processing Insurance Policy, Plan Values and Transactions related to financial reporting.
- SOC 2®/Type II reports – A restricted distribution report that examines the design and operating effectiveness of Andesa’s controls as they relate to Security and Availability.
- SOC 3® reports – An unrestricted distribution summary report issued upon successful completion of SOC-2/Type II.
Developed by the American Institute of Certified Public Accountants (AICPA), SOC 2® certification is widely recognized as a gold standard for data security and requires companies to establish and follow strict information security policies and procedures.
Andesa Services retained an independent public accounting firm for its SOC audit work. The audit included examination of Andesa Services’ policies and procedures, system development lifecycle, data centers, logical access, backup and disaster recovery and other critical operational areas. Upon the completion of the audit, Andesa Services received an unqualified opinion demonstrating that their infrastructure, policies and procedures meet or exceed the strict SOC 1® and SOC 2® criteria. Because SOC 1® and SOC 2® independently verify the validity and functionality of Andesa Services’ control activities and processes, our clients can be assured that the highest level of internal controls and security are established and maintained.
Roy Peterson, Chief Technology Officer at Andesa Services says, “Earning a SOC 2® Type II certification demonstrates our ongoing commitment and dedication to the security and availability of our environment. Andesa’s clients can be assured that the controls and safeguards we employ to protect and secure their data are aligned with industry standards and best practices.” The completion of our SOC 1® and SOC 2® Type II audit demonstrates to Andesa Services’ clients that Andesa is deeply committed to protecting our systems and data.
About Andesa Services
Andesa Services provides comprehensive, integrated Policy Administration, Plan Administration and Third-Party Administration solutions for life insurance and annuity carriers and producers. With nearly 40 years in business, Andesa Services offers this suite of services in a secure, private cloud environment. Their integrated approach to technology and service for life insurance and annuity markets results in efficiency gains, reduced hardware costs, mitigated compliance risk and improved market response.