Skip to content

Visit Our Family of Brands

Registration is open for Applied Net 2025! Sign up through June 20 to get the best price. Register Now

Assurance Programs

  • CSA STAR

    Applied Systems has been proactive in working with the Cloud Security Alliance whose mission is to promote best practice in the provision of security assurance within Cloud Computing. The CSA Security, Trust & Assurance Registry (CSA STAR) is a free, publicly accessible registry documenting security controls published by various cloud service providers, thereby helping users assess the security of Cloud services they use or are considering contracting with.

  • A police badge icon with an electric blue circular checkmark in the center and a signal coming from the top right corner

    ISO

    The International Organization for Standardization (ISO) is a self-governing, non-governmental entity and the largest creator of voluntary international standards globally. The International Electrotechnical Commission (IEC) is the foremost organization for creating and publishing international standards for electrical, electronic, and related technologies. These worldwide standards offer a structure for policies and procedures encompassing all legal, physical, and technical controls involved in an organization's information risk management processes and continual improvement of its security program.

    Applied Epic, Ivans, Applied Mobile, Applied Marketing Automation, Applied CSR24, and Indio are certified as ISO/IEC 27001:2013 compliant. As a formal specification, the 27001 standard sets out requirements for implementing, monitoring, maintaining, and continually improving the ISMS. It also recommends a series of best practices, including documentation requirements, responsibility divisions, availability, access control, security, auditing, and corrective and preventive measures.

    If you need Applied ISO certification, you have two ways to request it. First, you can ask your account manager for help. Alternatively, you can do it yourself online. Just go to Applied's community site, look for the 'Product Information' section, and then find the 'Due Diligence Documentation'. Here's the direct link: https://community.appliedsystems.com/s/product-information

  • SOC 3

    The SOC (System and Organization Controls) standards are owned and managed by the American Institute of Certified Public Accountants (AICPA). The AICPA is the world's largest association representing the accounting profession. It sets ethical standards for the profession and U.S. auditing standards for private companies, nonprofit organizations, federal, state and local governments.

    A SOC 3 report is a general use report of the SOC 2 reports which covers how a company safeguards customer data and how well those controls are operating. Companies that use cloud service providers use SOC 2 reports to assess and address the risks associated with third party technology services. These reports are issued by independent third party auditors covering the principles of Security, Availability, and Confidentiality.

    Applied Cloud is SOC 3 compliant. Read the report.

  • SOC 2

    The SOC 2 (Service Organization Control 2) is a type of audit or report which is delivered by a certified public accountant and designed to evaluate and ensure that a service provider securely manages data to protect the interests and privacy of its clients.

    Applied Systems conducts SOC 2 Type 2 audits semi-annually within the Trust Services Criteria of security, availability, and confidentiality. Products within the Applied Cloud environment are in scope and include Applied Analytics, Applied Epic, Applied TAM, Applied Vision, DORIS, Applied CSR24, Applied Mobile, Applied Rating Services, and Ivans. Separate SOC 2 Type 2 reports are available for EZLynx and Indio products.

    If you need Applied SOC 2 Type 2 reports, you have two ways to request it. First, you can ask your account manager for help. Alternatively, you can do it yourself online. Just go to Applied's community site, look for the 'Product Information' section, and then find the 'Due Diligence Documentation'. Here's the direct link: https://community.appliedsystems.com/s/product-information

  • SOC 1

    A SOC 1 (System and Organization Controls 1) is an audit report that evaluates the internal controls of a service organization that may impact its clients' financial reporting, although these controls can vary depending on the nature of the service organization. It's used because it provides assurance to the clients of the service organization that the company has robust and reliable controls in place.

    Applied Systems conducts a SOC 1 Type 2 audit annually within the Trust Services Criteria of security, availability, and confidentiality. The Applied Epic product has its own SOC 1 report.

    If you need Applied SOC 1 Type 2 report, you have two ways to request it. First, you can ask your account manager for help. Alternatively, you can do it yourself online. Just go to Applied's community site, look for the 'Product Information' section, and then find the 'Due Diligence Documentation'. Here's the direct link: https://community.appliedsystems.com/s/product-information

 
 

Responsible Disclosures

We take security seriously at Applied Systems. As part of our ongoing commitment to provide a best-in-class cloud service, we leverage independent third parties to help us strengthen our security. If you think you have discovered a security vulnerability, we appreciate your help in disclosing it to us in a responsible manner by using the form linked below.

Submit Now