Does AA have any internal audits to know if something is not working?
AA follows a regular Semi-annual Audit Program, wherein the following are evaluated:
- Policies and processes both for IS and the organization as a whole
- Local security
- Network security
- Vulnerability assessment
How does AA ensure client data is secure, protected, and kept confidential?
Our commitment to preserving the confidentiality, integrity and availability of client information is attested to by our ISO 9001-2015 certification. Furthermore, all client data remains on client servers, which allows our clients to maintain control of sensitive and confidential information. Our offshore personnel operate in a paperless work environment and from “dumb terminals” where web access has been severely limited and often completely disabled.
How my data is secured, what is your data security policy?
Network and Data Security
AA follows well defined multiple physical and software security system to ensure consistent quality results through processes designed as per standards of ISO 9001:2015.
Dual monitor system is used wherein our processors process the data on one monitor in the relevant software and view the source documents on another monitor. The source documents are scanned by you in US into a computer server which is physically located in US. Our production team can see data on screen but they can never download or print any data.
AA has invested in a state of the art infrastructure which features:
- Firewalls and IDS monitored around the clock.
- Antivirus installed on all desktops and servers. These are updated and upgraded at regular intervals.
- Restricted access to Servers and shared areas on the servers. This ensures that only authorized personnel are allowed to access the relevant data.
- Access to the internet only for work related sites.
- Backup and Disaster Recovery. This takes care of Data Security in the event of a disaster
- Workstations with disabled Media such a floppy drives, CD/DVD drives, USB drives, handheld devices, mobile phones & printers.
Is all of the work handled via the Internet? How do I send my work to you?
The flexibility provided by the Internet is at the heart of our success as providers of superior quality accounting and bookkeeping services. Most of our projects are web based and so we can communicate and transfer files through the internet. At the initial stage of communicating your project requirement, you can send us a brief description or a document about your project requirements. If you have an application on which you need us to work on or analyze, we will need to get:
- Web server details
- Database details
- FTP details
If you would like to work on your server, you provide us a remote login access
What is your HR policy with regard to Employee Security?
AA follows in stringent HR policy which spells out below measures:
- Reference checks at the time of recruitment, from past employers.
- Educational qualifications verified directly with educational institutions and a criminal background check from local police stations.
- Entry is restricted and monitored through swipe cards
- Non-disclosure Agreements signed with all employees during time of employment.
Why is it crucial to have the hosting site located here in the U.S.?
We believe there are two primary reasons. First, the uncertainty of sending privileged information halfway around the world to be stored on servers in India is unnerving to most CPAs and their taxpaying clients. Secondly, with a domestic host, AA can control all programs, tax software and servers-both here and in India-from that hosting facility.