Compliance

Providing secure fully-managed cloud-based ERP solutions for businesses around the globe.

We strive to take away the troubles and concerns of our clients. Staying in compliance with rules and policies when migrating your accounting and finance solutions to a cloud-based system can be a headache. Especially for small businesses and CPAs, too busy with daily tasks to spend extra time on figuring out how to make sure their cloud-based hosting is compliant with industry standards. 

Choose among SOC 1, SOC 2, and SOC 3 certified compliant cloud hosting services. 

Developed by the American Institute of CPAs (AICPA), SOC certificates verify that a cloud hosting provider truly maintains practices and techniques aimed to protect their clients’ data. 

SOC 1 Certification

SOC 1 certification verifies a cloud hosting provider’s internal controls and procedures that are relevant to protecting a customer’s financial reporting. SOC 1 compliance are focused primarily on handling hosting service clients’ finance-related data, which may impact financial statements and reports if compromised. 


SOC 2 Certification

SOC 2 certification confirms that a cloud hosting company provides properly managed non-financial reporting controls and processes aimed at protecting data of its customers. SOC 2 evaluates the level of protecting customer data based on the five Trust Services Criteria — security, availability, processing integrity, confidentiality, and privacy. 

Whether you have SOC 2 compliance requirements to follow or just need a reliable confirmation that your data is protected properly, SOC 2 certificate gives you the certainty that each aspect of gotomyerp’s security is up to the highest standards.


SOC 3 Certification

Need to convince business partners, clients, authorities and other interested parties that your business data on cloud servers is perfectly secure? 

SOC 3 is a publicly available, shortened and less technical version of SOC 2 certification, which is a confidential report. SOC 3 includes a list of tests conducted by the auditor and test results, as well as a condensed description of the full scope of SOC 2 Type 2 audit report. SOC 3 also includes auditor’s letter and summary opinion on the quality of hosting provider’s controls and processes.

Authorized Government Cloud Service Provider

Government organizations have always faced the need to meet the toughest security and regulatory requirements, and rightfully so. gotomyerp offers a wide selection of cloud services that comply with regulations for federal, state and local government entities in the United States and Canada. 

gotomyerp provides government entities with cloud hosting that complies with these and other common regulations:

  • FedRAMP High baseline
  • DOJ’s Criminal Justice Information Systems (CJIS) Security Policy
  • U.S. International Traffic in Arms Regulations (ITAR)
  • Export Administration Regulations (EAR)
  • Department of Defense (DoD) Cloud Computing Security Requirements Guide (SRG) for Impact Levels 2, 4, and 5
  • FIPS 140-2
  • IRS-1075

We can considerably reduce compliance-related requirements for all U.S. federal government departments and agencies, public services, state and local governments, defense contractors, non-profit organizations, educational institutions, or any other government entities.