Security and Compliance
Need your data hosted on a secure, compliant, up-to-date system? We do that.
With GOLDPoint Systems, you can have confidence that your data is accurate, safe, and secure. From a variety of internal tests to attending various conferences to keep up to date with changes in regulations and in the industry itself; we put in the work to give you peace of mind about data security.
- Annual disaster recovery test
- SOC 1 Type II and SOC 2 Type II compliant
- Regular audits by FCIC, OCC, and the Utah Department of Financial Institutions
- Internal audits and penetration and vulnerability testing
- GOLDPoint employees receive proper security training and are tested annually
Internal Audit Procedures
We employ an internal audit team, which is responsible for auditing compliance with information security policies and procedures as defined by government regulations and best practices. This team coordinates penetration and vulnerability testing as well as audit calculations within the application software itself.
External Audit Procedures
We conduct regular external audits that are published and made available to its clients. Annual SOC 1 Type II and SOC 2 Type II audits are performed to ensure that GOLDPoint follows the controls it has implemented. These reports provide information on the internal controls and activities executed by GOLDPoint.
Compliance and Vendor Management
We employ a Chief Risk Officer who works with the Chief Information Security Officer to review contracts with new vendors. These officers also conduct annual reviews of certain security documents with vendors who have a high-risk rating.
