News | Aires

Aires Expands Information Security Program

Written by Aires Authors | Apr 27, 2017 9:41:00 AM

Aires is focused on protecting and preserving the value of critical business data assets and intellectual property. We are proud to announce exciting enhancements to improve our Regulatory Compliance and Data Privacy Programs.

Last fall, the protections provided by the Safe Harbor privacy principles were judged inadequate by a European Court and a new framework was put into place. In response to this ruling, Aires took steps to successfully receive approval of EU-U.S. Privacy Shield status, accomplished solely with our internal expertise. With the recent approval of the Swiss-U.S. Privacy Shield Framework this year as a valid legal mechanism to comply with Swiss requirements when transferring personal data from Switzerland to the United States, Aires has also begun the necessary steps to comply with this new framework.

Additionally, Aires is preparing to release a new Type 1 report, covering AICPA Service Organization Control (SOC 2). This report will replace our SOC 1 reporting process and will demonstrate the internal controls we have in place regarding the Trust Service Principles (TSPs) of security, availability, processing integrity, confidentiality, and privacy. Most companies select one or two sets of TSPs for certification; however, due to the nature of our business, clients have requested that we report on all five TSPs, a task we are proud to accomplish for them. Once this report is issued next year, we will begin a new auditing period for our Type 2 report.

In conjunction with efforts for SOC 2, steps are being taken to prepare for an extensive audit of Aires’ Information Security Management System (ISMS) against ISO 27001, an international standard published by the International Organization for Standardization (ISO). Areas such as Risk Assessment, Business Continuity, and Internal Audit are all being augmented with the goal of becoming ISO 27001:2013 certified.

All of these new frameworks, coupled with our existing FIDI-FAIM 3.1, C-TPAT, ISO 9001:2008, and ISO 14001:2004 certifications, demonstrate Aires’ continued commitment to the protection of sensitive data and our desire to strengthen our program to deliver the industry’s best data protection.
 

About Aires
Aires delivers best-in-class global and domestic relocation solutions and mobility program management. Having been recognized by The Forum for Expatriate Management, the Better Business Bureau, and the Stevie Awards for organic growth methodology, excellent client/vendor partnerships, and leading-edge proprietary technology, Aires focuses on people, process, and technology to deliver world-class service. The company has also achieved ISO 9001, ISO 14001, FIDI-FAIM, C-TPAT, and Privacy Shield certifications and registrations. Clients are assured a focus on quality and customer service excellence when partnering with Aires. For more information, please visit www.aires.com.