TrustCC's Internal Controls
From time to time TrustCC is asked to verify internal controls used to protect sensitive information. Unlike traditional service providers, professional services firms typically do not provide SAS70 reports or other third-party attestations. Instead these firms (including TrustCC) provide extensive documentation of our internal control processes. We understand that security is only as strong as its weakest link. Therefore, we make sure that we implement controls that we know you'd expect from a firm like TrustCC.
Security Policies and Standards
TrustCC has had a security policy and supporting standards in place since the inception of the company. The policies are comprehensive and include physical, administrative and technical controls. All TrustCC team members are required to periodically acknowledge the policies and certify compliance. Periodic self and peer reviews validate that team members adhere to company policies and standards.
Technical Safeguards
TrustCC provides its professionals with the latest computing equipment and technological infrastructure. Our security technologies include firewalls, encryption of all data in transit and in storage on laptops, hardening of notebook computer operating systems, certificate/password based authentication, anti-virus and anti-spyware solutions, bio-metric authentication, and numerous other techniques. TrustCC has deployed a comprehensive technology infrastructure that ensures secure connectivity even when we are connected remotely.
Physical Safeguards
TrustCC computing infrastructure is located at a highly secured third party network operations center (NOC) and is protected with sophisticated physical and environmental controls including fire detection and suppression. Access is limited to those in the company that require it. The NOC is connected to multiple electrical and network feeds. Full backups are maintained and regularly tested for recoverability.
Employment Contracts and Screening
All TrustCC employees have had criminal background checks performed. All employee references are checked and employment history is verified. All employees must verify that they are entirely "white hat", that is, they do not participate in the circumvention of controls which could be considered illegal. Employees must sign an employment contract that requires confidentiality of all non-public data and compliance with the company's security practices. Upon termination all employees are required to return or destroy all data and materials related to TrustCC and its clients. TrustCC has a 'zero tolerance' policy for non-compliance with company security provisions.
Recent Quote
“TrustCC's professionalism, knowledge, and effective communication style are a welcome change compared to other firms. Their recommendations allowed us to easily implement the necessary control changes to not only pass examination, but ensure the proper protection of both the Bank’s and our Customer’s information." – Eric Jensen Chief Financial Officer of Fortune Bank; December 2007
About TrustCC
TrustCC’s team of professionals is unsurpassed in hands-on experience and regulatory knowledge. We focus our attention on detail, insightful reporting, and our customers’ needs.
TrustCC is known for its systems, security, and regulatory expertise, customer service and independence.
We are confident that our services will exceed your expectations.
Locations Served
TrustCC started in the Seattle/Tacoma area. Today TrustCC serves clients throughout the United States and elsewhere!