Andesa Successfully Completes SOC 1®, SOC 2®, and SOC 3® Examinations

Written by: Andesa Services

Allentown, PA, October 24, 2023

Andesa, a leading policy lifecycle solutions provider for the life insurance and annuities industry, announced today the successful completion of its annual Service Organization Control (SOC) examinations.  The SOC examinations were conducted according to attestation standards created and managed by the American Institute of Certified Public Accountants (AICPA). The AICPA has established three, distinct SOC examination engagements – SOC 1®, SOC 2®, and SOC 3®.

Andesa has delivered the following reports to its clients:

  • SOC 1®/Type II report – A restricted distribution report that examines the design and operating effectiveness of Andesa’s controls. This report addresses Andesa’s Administration System for Processing Insurance Policy and Plan Values, and Transactions related to financial reporting.
  • SOC 2®/Type II report – A restricted distribution report that examines the design and operating effectiveness of Andesa’s controls as they relate to Security and Availability. This means that Andesa can feel confident in the secure design and operating effectiveness of the Andesa platforms, which successfully passed the rigorous security verification process.
  • SOC 3® report – An unrestricted distribution summary report issued upon successful completion of SOC-2®/Type II.

Developed by the American Institute of Certified Public Accountants (AICPA), SOC 2® compliance is widely recognized as a gold standard for data security and requires companies to establish and follow strict information security policies and procedures.

Andesa retained an independent public accounting firm for its SOC audit work.  The audits included an examination of Andesa’s policies and procedures, system development lifecycle, data centers, logical access, backup and disaster recovery, and other critical operational areas.  Upon the completion of the audits, Andesa received an unqualified opinion demonstrating that their infrastructure, policies, and procedures meet or exceed the strict SOC 1® and SOC 2® criteria.  Because SOC 1® and SOC 2® independently verify the effective design and operation of Andesa’s control activities and processes, Andesa’s clients can be assured that the highest level of internal controls and security are established and maintained.

“We are pleased to announce the successful completion of the SOC 1® Type II and SOC 2® Type II audits. This achievement reflects our ongoing drive to the highest standards of security and data integrity. It is a testament to the hard work and dedication of our team, who prioritize the protection of our clients’ information. We remain steadfast in our commitment to provide a secure and trustworthy environment for our clients and partners, and this milestone reaffirms our position as a trusted industry leader.” said Jacqueline Hunter, Enterprise Risk Management Officer and General Counsel.

About Andesa
Andesa is a leading, employee-owned provider of policy lifecycle solutions for the life insurance and annuities industry that offers modern cloud-based systems for transaction management and recordkeeping.  Through flexible end-to-end lifecycle management solutions, a commitment to data security, and decades of market and product expertise, we help carriers, brokers, key stakeholders, and participants pursue strategic sales opportunities and successfully navigate market change. For more information on Andesa, please visit


Kerianne Geist
Marketing Manager
[email protected]

Follow the Andesa Blog

"*" indicates required fields


Any Questions?