Q3 Security Roadmap
ISO 27001 Certification
By obtaining certification to ISO 27001, DailyPay will join the ranks of the few companies that step up and insist on independent and impartial assessments as a means of proving their credentials. DailyPay's information security management program will be tested and proven to be at the highest international standards, bringing peace of mind to our partners.
Achieving ISO/IEC 27001 certification involves a three-stage security audit:
- An initial review of the company’s ISMS
- An in-depth, formal compliance audit to test the company’s ISMS against the standard’s requirements
- Regular follow-up audits to confirm that DailyPay remains in compliance with the standard
ISO/IEC 27001 defines a set of best-practice information security controls around which businesses can develop an Information Security Management System (ISMS). Established by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), ISO 27001:2013 is designed to ensure that businesses are implementing security in a consistent, coherent and cost-effective manner.
SOC 2 Type 2 Recertification
DailyPay has been SOC 2 Type 2 certified since June 1, 2018.
The Service Organization Control (SOC) 2 Type 2 examination certifies that an independent accounting and auditing firm has reviewed and examined an organization’s control objectives and activities, and has tested those controls to ensure that they are operating effectively. SOC 2 is based on Policies, Communications, Procedures and Monitoring.
The period of time covered by the examination is typically six months to one year. This independent review ensures that the organization meets the stringent requirements set forth by the AICPA and CICA. When trusting an application with highly sensitive and confidential information, such as passwords, documents and secure images, obtaining high-level certification is imperative.