Avocette: MSPCV and SOC 2

What is MSPCV certification?

Managed Service Providers Cloud Verify (MSPCV) is a certification for cloud and managed services practitioners worldwide. It is based on the 10 control objectives of the Unified Certification Standard for Cloud & MSPs (UCS) and is the oldest certification program for cloud computing and managed services providers. The MSPCV was the first of its kind created specifically for the managed services and cloud industry. Every certification comes with a written report with the entire process documented, validated and signed by a third-party accounting firm. The MSPCV has been reviewed by governmental agencies and regulatory bodies across the globe and is used and accepted in 5 continents around the world.

What does MSPCV assess?

  • Objective 1: Governance
  • Objective 2: Policies and Procedures
  • Objective 3: Confidentiality and Privacy
  • Objective 4: Change Management
  • Objective 5: Service Operations Management
  • Objective 6: Information Security
  • Objective 7: Data Management
  • Objective 8: Physical Security
  • Objective 9: Billing and Reporting
  • Objective 10: Corporate Health

How are these objectives assessed?

The MSPAlliance certification process includes thorough readiness assessments and gap analysis based on the best practices in the industry. The results are then examined by an independent third-party accounting firm for verification and signing of a public-facing report.

What is SOC 2 Type 1 Certification?

Service Organization Controls (SOC) are a series of standards designed to help measure how well a given service organization conducts and regulates its information. The purpose of SOC standards is to provide confidence and peace of mind for organizations when they engage third-party vendors. A SOC-certified organization has been audited by an independent certified public accountant who determined the firm has the appropriate SOC safeguards and procedures in place.

More specifically, SOC 2 is designed for service providers storing customer data in the cloud. It requires companies to establish and follow strict information security policies and procedures encompassing the security, availability, processing, integrity, and confidentiality of customer data.

What Does the SOC 2 Type 1 Audit Examine?

SOC 2 looks at five Trust Factors of secure data processing and storage. Demonstrating proficiency across one or more of these criteria is an attestation to the privacy and security controls:

  • Security
  • Availability
  • Processing Integrity
  • Confidentiality
  • Privacy

What does this compliance mean to Avocette's clients?

SOC 2 Type 1 compliance assures our customers that we have best-in-class safeguards and procedures in place to ensure the security of their information. Avocette has been in business for over 43 years serving all levels of government (Federal, Public Sector and Municipal) providing our clients with trusted service and commitment. SOC 2 Type 1 compliance demonstrates that Avocette's security policies, measures, and procedures rigorously protect the consumer and their data with oversight of an independent third party assessment.

Who is MSPAlliance?

MSPAlliance is a global industry association and accrediting body for the Cyber Security, Cloud Computing and Managed Services Provider (MSP) industry. Established in 2000 with the objective of helping MSPs become better MSPs. Today, MSPAlliance has more than 30,000 cloud computing and managed service provider corporate members across the globe and works in a collaborative effort to assist its members, along with foreign and domestic governments, on creating standards, setting policies and establishing best practices.