ERI Becomes First ITAD & Electronics Recycling Company to Achieve SOC 2 Type II Compliance Certification
June 7, 2023
New York, NY -- ERI, the nation’s largest fully integrated IT and electronics asset disposition provider and cybersecurity-focused hardware destruction company, announced today that it has successfully completed the Service Organization Control (SOC) 2 Type II audit and has received compliance certification, making ERI the first and only SOC 2 Types I and II certified ITAD & e-waste recycler in the industry.
SOC 2 Type II compliance certification is recognized globally for its rigor in the review of organizations’ systems and controls. It affirms that ERI’s practices, policies, procedures, security, data integrity and operations meet the highest SOC 2 standards for security and data protection.
SOC 2 independent audits are conducted to review companies’ effective implementation of employee controls and training, IT systems and risk management control, product discipline, and vendor selection. SOC 2 Type II, the most extensive audit of its kind, is an attestation of controls at a service organization over a minimum six-month period. SOC 2 Type II reports on the description of controls, attests that the controls are suitably designed and implemented, and attests to the operating effectiveness of the controls.
During a SOC 2 Type II audit, independent auditors carry out field work on a sample of days across the testing period to observe how controls are implemented and how consistently effective they are in keeping potential and existing customers’ sensitive data safe, secure and fully protected. ERI has effectively met all SOC 2 Type II audit standards on a continuous basis.
“Achieving SOC 2 Type II certification further demonstrates ERI’s ongoing commitment to security, data protection and the responsible recycling of all electronic devices,” said John Shegerian, ERI’s Chairman and CEO. “Our partners and customers can feel 100% confident that we have made and continue to make every investment and operational protocol to establish and maintain the highest level of security and compliance in the industry. Our successful SOC 2 audits are also proof that we are always willing and able to provide third-party, independent audits, testing and validation to ensure our systems and controls are state-of-the-art for handling data can be fully trusted every step of the way.”
ERI’s SOC 2 examinations for both Type I and Type II compliance testing were conducted in accordance with standards from the American Institute of Certified Public Accountants (AICPA).
###
ERI is the largest fully integrated IT and electronics asset disposition provider and cybersecurity-focused hardware destruction company in the United States. ERI is certified at the highest level by all leading environmental and data security oversight organizations to de-manufacture, recycle, and refurbish every type of electronic device in an environmentally responsible manner. It is the first and only company in its industry to achieve carbon neutrality at all its facilities nationwide, and the first to achieve SOC 2 Type I and Type II certifications for security and data protection. ERI has the capacity to process more than a billion pounds of electronic waste annually at its nine certified locations, serving every zip code in the United States. ERI’s mission is to protect people, the planet and privacy. For more information about e-waste recycling and ERI, call 1-800-ERI-DIRECT or visit https://eridirect.com.
You May Also Like