June 17, 2015 Varum Padmanabhan

Does your company perform Annual SAS or SOC “Service Organizational Control” Audits?

If you or your company has ever performed an SSAE/SAS/SOC Audit you would quickly realize how important a strong recruitment / hiring process is.

“The basis of these types of audits are the following trust services principles: Security, Availability, Processing Integrity, Confidentiality, or Privacy. The audit will report on one or more of the trust services principles.  Entities will undergo these audits to provide assurance to their users that the controls they are providing are in accordance with the relevant trust principle.”

Having been directly involved with these annual audits since their inception, we find that the HR/Recruiting policies are strictly adhered to and enforced with the use of an Applicant Tracking System.  The System automates all crucial recruiting and hiring functions and in the process automatically documents all of the needs for this portion of the report. Applicant Tracking Systems are no longer a nice to have, they are a necessity!  From government reporting requirements to Service Organizational Control audits, these systems will perform the controls for the recruiting and hiring policies that you need in place. In a recent conversation with our auditors I was surprised to find that many companies have exceptions in this area?  What I mean by an exception is that some companies fail to have a defined and documented process around recruiting and hiring.  These exceptions can be easily solved by employing an Applicant Tracking System!