How to generate a SOC 1 or 2 (also known as SSAE16) audit report for Control-M? |
SOC-1, SOC-2, and SSAE16 are generic standards intended to ensure that a service provider has in place adequate control for ensuring: Security, availability, processing integrity, confidentiality and privacy of customer data. On Premise Control-M: SOC-1, SOC-2, and SSAE16 are not directly relevant for On-Prem Control-M. It is relevant as far as BMC corporate systems are concerned. The attached report is relevant to the corporate systems and locations; product specific information as it relates to Control-M not included because the audits do not apply to On Premise software. For SaaS Control-M: A dedicated SOC2 compliance is part of Control-M SaaS roadmap however not currently available and there is currently no scheduled delivery date. A report covering the Control-M SaaS platform service provider can be found in the link below. Extension letter until a few whitepaper will be released is attached to this KA
|