Auditing of Data Protection Measures
Implementing appropriate technical and organizational protection measures is essential to protecting data privacy. Regular testing of those controls will ensure the processes and systems are operating with data privacy and confidentiality in mind. Internal monitoring and audits, together with audits of the systems by outside cybersecurity experts, are an important aspect of this. SSAE18 (SOC 1/SOC 2) testing and ISO 27001 certification are steps you can take to make sure your organization is maintaining compliance.
Blue Marble Payroll is working closely with a third-party firm to demonstrate how it achieves key compliance controls and objectives through SSAE18 (SOC 1/SOC 2). Blue Marble Payroll has completed its SOC 2 Type 2 attestation for 2018. The SOC 1 and SOC 2 reports are available to customers by contacting their dedicated project manager.
Blue Marble Payroll will also look to a third-party firm to perform GDPR-specific data protection audits against its technical and organizational protection measures.
Amazon Web Services is the cloud provider that hosts the flagship platform WebGlobe. In addition to internal compliance initiatives, Blue Marble Payroll is also regularly reviewing AWS’s commitments to compliance and data protection. Additional information about their compliance initiatives can be found at https://aws.amazon.com/compliance/.
If you have any questions about compliance privacy practices within Blue Marble Payroll, you may contact the Privacy Office at firstname.lastname@example.org.