Why Is Compliance Software Important? And How Do I Know If I Need It?
Compliance officers have traditionally spent much of their time manually tracking the data they need to ensure the firm and its employees remain in…
PLATFORMS
Compliance Security
StarCompliance values the security of your business and your data above all else. The STAR platform has been built from the ground up with a focus on security across every product and feature of the application. The STAR platform is hosted in SOC 2 and/or ISO 27001 data centers that provide high availability. As an organization, StarCompliance is ISO 27001, and SOC2 Type II compliant.
The ultimate protection for your data
The StarCompliance approach to security is based on a Governance, Risk and Compliance strategy, led and supported from the top down. Our Information Security and Data Protection team ensure that strict policies and procedures are established and implemented in relation to best practice, legislative, regulatory, legal and contractual requirements. These procedures are coupled with the authority to enforce the controls – administrative, technical and physical – which protect our security principles of confidentiality, integrity and availability.
Comprehensive governance, risk and compliance security strategies
Governance
StarCompliance conforms to standards defined by the International Organization for Standardization (ISO) and is certified to:
ISO 27001 – Information Security Management System
Our systematic approach to managing sensitive company information ensures it remains secure. This involves applying robust risk management to our people, processes and IT systems.
I
Risk
ISO 27005 is the Risk Management Framework that underpins ISO 27001. Risks are identified internally by our Information Security and Data Protection team and externally in our annual, independent, third-party audits.
Compliance
Our compliance program includes:
- Audits – periodic assessments to identify non-conformities and opportunities for improvement with:
-Internal audits led by our Information Security Officer (CISSP)
– Annual, external audits by independent, third parties (ISO 27001 and SOC2 Type II compliant)
– Ad-hoc, on-site client-sponsored audits - Regulatory and legislative compliance, including the upcoming EU General Data Protection Regulation (GDPR).
Physical Security
- Tier III Data Centers
- SSAE18 SOC 1 and 2 and/or ISO 27001
- StarCompliance dedicated, locked, server cage environment (co-location environment)
Administrative Security
- Single-tenancy model
- Independent (CREST) Third-Party, Application Penetration Security Testing
- Security awareness training
Technical Security: STAR Application
- Single sign-on
- Multi-factor authentication
- Configurable password complexity (to client’s policies)
Technical Security: Network
- Defense in depth” network topology
- Firewalls with Intrusion Prevention Systems (IPS)
- Web Application Firewalls (WAF)
View Our Additional Platform Features
Star Technology
Star’s advanced implementation and security options ensure your compliance operations are safer and more efficient than ever before.
Star Mobile
With STAR Mobile, employees pre-clear activity and report transactions on-the-go and Supervisors can review escalated requests from anywhere.
Data Management
Star offers a range of products, services and vendor solutions that let you monitor and manage an ever-increasing amount of data, enhance and optimize existing data sets, and maintain data integrity.
Reporting & Analytics
Be proactive, not reactive. Insight Driven Dashboards put actionable intel in front of compliance officers and frontline managers in an interactive format in near-real time.
Tools & Tips
With Tool Tips & Walkthroughs, the STAR Platform is your compliance software training partner. Get instant support right inside the STAR Platform.
Related Posts
10 Steps To A Seamless Compliance Software Implementation
The journey to a new compliance system begins here, no matter where you’re starting out from
Guide to Purchasing Compliance Management Tools
While traditionally associated with multinational corporations and financial institutions, compliance obligations are now ubiquitous, extending even to small retailers.
