As the company started building its data security program from scratch it knew that it had lofty goals. This student loan provider had access to its customers personal and financial information and it was imperative that it protected the information it stored and that it gave confidence to its customers that their data was handled securely. The student loan company understood how important it was to have a comprehensive data security program in place but needed help to get it started. When the new Chief Technology Officer (CTO) took over the role, they realized that many of the important elements were held by different departments and coordination across all departments needed to be improved. That’s why they signed up as an Ostendio Premium customer to ensure the company could be disciplined and organized and that it would help them reach the company goal of SOC 2 Type II.
The Student Loan company started with the basics by building a program from the bottom up that would ultimately be able to grow and scale as their company also grew. The CTO realized they were going to need some expert help and so they engaged Ostendio in a Professional Services contract. The Ostendio Professional Services experts supported the Student Loan company by becoming an extension of the current security team dedicated to this important project. Ostendio Professional Services provided expert assistance in the preparation work such as reviewing, developing and operationalizing their policies and procedures. “Ostendio provided support from the very beginning by identifying the gaps in their security program,” said Michelle Moreno, Ostendio Professional Services Director and ISO.
The Student Loan company uses Ostendio to handle:
After completing basic preparation with the Ostendio Professional Services support team, the Student Loan company was ready to select an audit partner for their SOC 2 audit. Ostendio Auditor Connect makes it easy to find and contract with a specialized auditor who can perform the SOC2 audit using the Ostendio platform. The Student Loan company selected A-LIGN as their audit partner. “The Ostendio Auditor Connect feature is an innovative way for clients and auditors to connect and contract for an audit engagement,” said Michelle Moreno, Ostendio Professional Services Director and ISO.
With both the client and auditor (A-LIGN) using the Ostendio platform, the Student Loan company saved time and money. The Ostendio platform allows both parties to communicate through the platform, sharing the required documents and discussing the policies that are required. This speeds up the audit process and makes completing a SOC 2 audit easier, and more cost effective, for all parties involved. The Student Loan company has successfully completed their first SOC 2 Type II audit and has built a robust data security program. In future years, using the Ostendio platform to complete the audit will be easier as the initial setup with relevant and operationalized documentation is already complete. As the company grows it can continue to use the Ostendio platform for all its data security and risk management needs. The platform maps to over 100 regulations and standards globally making it easy for customers to map their existing compliance documents and evidence to additional standards.
This leading Student Loan Provider is simplifying the student loan experience. As a fintech lending company with a sole focus on private student loans, they’re using technology and their deep industry expertise to connect families who need to cover education costs. By specializing in student loans, they are able to give customers the attention they deserve and deliver loans that are simple, clear, and personalized for the individual.
Copyright ©2022 Ostendio, Inc.
All rights reserved