At FinancialForce.com, we understand that security, availability and application processing integrity are critical to your organization. We, along with salesforce.com, have invested in a world-class cloud infrastructure and rigorous application control procedures that are far beyond what you could ever deploy for yourself. Our control environment has been audited by a Big 4 auditing firm (SOC 1 Type II report) which will provide you peace of mind, but can also help lower the cost of the auditing processes for your company.
Here is why you can entrust your systems and information to FinancialForce.com.
As a native salesforce platform application, our applications (and your data) inherit all the benefits of the considerable investments made by salesforce.com in infrastructure, data management, controls, security and certifications including Truste and ISO 27001. And better yet, you’ll always have access to trust.salesforce.com, a set of web pages dedicated to providing cloud users with a transparent view of the cloud computing environment.
The salesforce platform includes these certifications:
FinancialForce.com has invested in a Service Organization Control 1 (SOC 1) Type II report prepared by an internationally recognized Big 4 auditing firm. The SOC 1 report is in addition to the reports and certifications of the underlying platform provided by salesforce.com. The report is prepared in accordance with Statement on Standards for Attestation Engagements (SSAE) No. 16, Reporting on Controls at a Service Organization. The purpose of the report is to provide our customers assurances in all material respects that FinancialForce.com’s Description of Services is fairly presented, that controls put in place by FinancialForce.com are suitably designed to meet their control objectives and that those controls were tested and operated effectively during the audit period.
Business leaders using cloud service providers need assurances that security, availability and the control environment are being taken seriously by the service providers. Completion of a SOC 1 report and the review by an independent auditing firm are not only highly recommended but an indication of vendors’ commitment to trust and security, especially for cloud based services that can impact financial reporting.
- Christine Dover, Research Director, IDC
The report reviews the following:
The SOC 1 report provides FinancialForce.com’s customers with the additional assurance that our applications are developed and delivered with the highest level of standards to ensure a high quality product is deployed in your environment.
FinancialForce.com provides rigorous application controls that ensure your financial transactions have been correctly validated and reviewed prior to posting, have comprehensive audit trails and cannot subsequently be modified via “back door” manipulation of object data.
Passed with flying colours!!!
These application controls include:
FinancialForce.com has made significant investments in people, processes and systems to ensure high quality business applications. All our application code is peer reviewed and tested via a battery of both human and automated testing procedures. Tests include:p>
Passed with flying colours!!!
FinancialForce applications are also tested via the AppExchange Security Review process. The Security Review has been developed to assess the security posture of ISV application offerings to ensure that applications published on the AppExchange follow industry best practices for security.