Certrec Corporation, a leading licensing and regulatory compliance provider for NRC and NERC compliance, announced today it has maintained its ISO 27001:2013 certification for the sixth consecutive year and has successfully completed its third Type 2 SOC 2 examination. Compliance with these standards in certification and examination demonstrate continued commitment by Certrec to information security as well as to the security and confidentiality of client information.
An independent, third-party audit found Certrec’s technical controls, formalized IT Security policies and procedures, and physical security measures and countermeasures compliant with standards and best practices to qualify Certrec as a secure vendor. Steven Thomas, Certrec’s IT Director, commented, “I am pleased once again Certrec was able to have an independent, third party verify that our processes and systems meet or exceed industry best practices . Obtaining the ISO certification and the Type II SOC 2 clean audit results (available upon request) proves Certrec employees work continuously within Certrec’s Policies and Procedures to improve the security, availability, and accuracy of all of Certrec’s products.”
As technology evolves and cyber security threats become more prevalent, Certrec is committed to maintaining and exceeding its security standards. Certrec has received feedback from several clients that the ISO 27001 certification and Type 2 SOC 2 examination were key parts in their business decision. Certrec qualifies as a secure vendor, providing clients with assurance that their information is safe, and Certrec is committed to protocol and service that will relieve clients of their own expensive examinations.
“Certrec has positioned itself to be in a very select class of businesses to obtain both the ISO certification and Type II SOC 2 audit results and is the only business to offer the services we do with those credentials,” said Ted Enos, Certrec President & CEO. “Certrec commits to performing the ISO 27001:2013 certification and Type 2 SOC 2 examination each year in the future to maintain its secure status.”
Founded in 1988, Certrec is an engineering and technology-based regulatory support services organization that has developed exceptional capabilities to support the electric power industry’s regulatory activities emanating from the Nuclear Regulatory Commission (NRC), the North American Electric Reliability Corporation and Regional Entities (NERC), and others.
Certrec’s industry professionals have direct working experience in all regulatory areas of licensing, compliance, and engineering. This expertise, combined with Certrec’s Information Technology assets, gives the electric power industry technology-based solutions and tools designed specifically to help them manage regulatory issues.
Nuclear, fossil, and renewable generation and transmission utilities and entities across the United States rely on Certrec’s highly skilled team to help direct the regulatory process to their advantage.
Certrec performance of annual ISO/IEC 27001:2013 and Type 2 SOC examinations and audits assures clients of its commitment to maintaining or exceeding current levels of service.