AnsweredAssumed Answered

Need SOC2 report.  How do I get a copy?  CA is claiming that all of their SaaS offerings are audited for at least type 1.

Question asked by GeorgeGong1353667 on Dec 28, 2017
Latest reply on Jan 5, 2018 by Michael Bulkeley

I am performing a vendor check for Flowdock.  Per this document here all of the CA SaaS products are audited for compliance.  Could you please forward me a copy of the latest report?

https://www.ca.com/content/dam/ca/us/files/faq/frequently-asked-questions-about-saas-solutions.pdf 

 

In case this document is not accurate, please forward me a security whitepaper for the vendor check.  Such should include whether there is change management, what are the hosting provider certifications, some information about firewalls, separation of duties, audit trail, and all the other things you'd expect for a security white paper.  Thank you! 

Outcomes