The following cloud based e-ticketing vendors are committed to ensuring the highest levels of data integrity, security and availability.

BCMI
Redmond, WA
DOTRDY Vendor
Sysdyne Technologies
Stamford, CT
DOTRDY Vendor
Earthwave Technologies
Indianapolis, IN
DOTRDY Vendor
Command Alkon
Birmingham, AL
DOTRDY Vendor

High level service providers maintain these minimum requirements:

Vendors provide internal audit and controls reports, covering minimally the security, availability, and processing integrity Trust Services criteria.
SOC 2 Reporting
99.5% of tickets are sent to an Agency (by the vendor) within 5 minutes from the time of ticket received from the source.
SLA Requirement
Letter of attestation from Management on file to block any product or system features that would allow the alteration of source data while in their custody.
Audit Log
Reports are prepared by an AICPA accredited Certified Public Accountant.
SOC 2 Reporting
A letter of engagement from the Auditing Firm indicating the commencement and completion dates of SOC 2 audit must be provided.
SOC 2 Reporting
Systems and their vendors send an audit log for each data field created and/or altered inside an Agency system.
Audit Log
Control frameworks, remediation reporting, and final reporting are shared annually to be deemed in compliance with standards and all vendors may be subject to random compliance inquiries and potentially audits in which these capabilities will be tested.
SOC 2 Reporting
An audited SOC 2 Type 2 Report will be provided annually. For the initial audit period, a SOC 2 Type 1 Report is acceptable.
SOC 2 Reporting
Incident reports are submitted to the Agency within 72 hours of any non-standard event (bug or other that causes source data to change).
Audit Log