San Francisco, CA, Sept. 06, 2017 (GLOBE NEWSWIRE) — TORA, provider of the industry’s most advanced cloud-based order and execution management system (OEMS), today announced that the company has undergone a Service Organization Control 2SM (SOC 2) examination resulting in a Certified Public Accountant’s report stating that TORA has designed and implemented controls to meet the criteria for the security principle set forth in TSP section 100, 2016 Trust Services Principles (TSP) and Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy over its TORA OEMS and TORA Portfolio and Risk Management System (PRMS). The engagement was performed by Deloitte & Touche LLP.
A SOC 2 report is designed to meet the needs of existing or potential clients who need assurances about the effectiveness of controls in place at a service organization that are relevant to the security, availability, or processing integrity of the system used by the service organization to process clients’ information, or the confidentiality or privacy of that information.
“We are pleased that our SOC 2 report has shown that we have the appropriate controls in place to mitigate security risks,” said Robert Dykes, CEO of TORA. “This examination provides independent assurance to clients that TORA has robust systems and processes in place to satisfy the SOC 2 standards.”
The following Trust Services Principles and related criteria have been developed by the American Institute of CPAs (AICPA) and the Canadian Institute of Chartered Accountants (CICA) for use by practitioners in the performance of trust services engagements:
- Security. The system is protected against unauthorized access (both physical and logical).
- Availability. The system is available for operation and use as committed or agreed.
- Processing integrity. System processing is complete, accurate, timely and authorized.
- Confidentiality. Information designated as confidential is protected as committed or agreed.
- Privacy. Personal information is collected, used, retained, disclosed and destroyed in conformity with the commitments in the entity’s privacy notice and with criteria set forth in generally accepted privacy principles issued by the AICPA and CICA.
“As asset managers continue to outsource their technology, SOC 2 examination will become necessary for vendors offering cloud-based and managed service solutions,” said Spencer Mindlin, Analyst at Aite Group. “The industry is increasingly keen to see proof of internal control policies and practices related to security, so vendors that provide such evidence will be in good stead for future evaluation.”
Current and prospective customers interested in a summary of the TORA SOC 2 report may contact [email protected]
TORA is the leading global provider of advanced investment management technologies supporting the full trading lifecycle. With a full suite of SaaS-delivered execution, analytics and compliance tools, as well as order, portfolio and risk management capabilities and a global FIX network, TORA’s products are utilized by hundreds of the industry’s leading hedge funds, asset managers, proprietary trading firms and sell-side trading desks globally. With headquarters in San Francisco, TORA has over 250 employees across offices in Hong Kong, Jersey, Romania, Singapore, Sydney and Tokyo. More information is available at www.tora.com.
[email protected]; 914-414-2884