AICPA SOC 2
We are excited to announce that Public Works and Government Services Canada (PWGSC) have selected Nimble as a preferred vendor to provide complete document imaging services including: To receive and convert paper and micrographic material, digital and other hard copy records to electronic images, to generate and/or capture identified metadata and index data, mailroom services, and to store and/or provide images and data that will integrate into specified document management systems, business systems or databases for future retrieval and use. National Master Standing Offer Contract Number: EN929-142184/007/XS
SOC 2 is an auditing procedure that ensures your service providers securely manage your data to protect the interests of an organization and the privacy of its clients. Developed by the American Institute of CPAs (AICPA), SOC 2 defines criteria for managing customer data based on five “trust service principles”—security, availability, processing integrity, confidentiality and privacy.
- CAN/CGSB-72.34-2017—Electronic Records as Documentary Evidence
- CAN/CGSB-72.11-93 Microfilm and Electronic Images as Documentary Evidence,
- CAN/CGSB-72.34-2005 Electronic Records as Documentary Evidence
- PCI – SAQ-D
- Protected B – Nimble has Level B Security Clearance from the Federal Government for the secure storage and handling of confidential documents. Due to existing contracts, we are expected to meet strict security standards which are regularly audited by the Government clients including Canada Post and Canada Revenue Agency.
- RCMP Harmonized TRA – 2007-10-23. – In line with our best practices focus, Nimble recently implemented a Rogue Detection system based on new Threat Risk Assessment requirements and guidelines in RCMP Harmonized TRA – 2007-10-23
- Nimble adheres to the Personal Information Protection and Electronic Documents Act (PIPEDA), Ontario’s Personal Information Protection Act (PHIPA) and the Municipal Freedom of Information and Protection of Privacy Act (MFIPPA).
- Nimble Cloud services reports include SOCII 3rd party penetration testing an SSAE SOC1Type 2