2,299
edits
Changes
→Overview
Within our system, our '''internal system security '''is a two-tier model:
* [[User]] access is firstly [[Organization hierarchy|hierarchically]] -dependent and can furthermore be restricted by [[User Role|role]]; field-level security is also based on role
* [[Global User Administrator|Manager]] permissions control access to higher-level functions within {{UTA}}s
||'''Certifications, Memberships & Compliance'''
||
* SmartSimple and its hosting partners are all SOC 2 certified
* SSAE 16 (The United States)*
* CSAE 3416 (Canada)
* The creation of [[User Role|user roles]] define levels of access - this is a central feature of the [[SmartSimple]] platform
* This user level control ensures that information is only accessible to those who are authorized
* Access policies are configurable to be as granular as necessary
* See Also: [[Organization hierarchy#Organization Based Security|Organization-Based Security]]
|-
||'''Applicant Screening'''
||
We've built in comprehensive screen options through OFAC and GuideStar™.
We also integrate with international tax authorities to verify charitable status:
* The Internal Revenue Service (IRS)
* The Canadian Revenue Agency (CRA)
* The Australian Business Register
* Charity Commissioners (UK)
|-
||Protect your organization and system by requiring an additional layer of user verification beyond a username and password. Two-factor authentication drastically reduces the incidence of online identity theft and fraud.
|}
*SSAE 16 supersedes Statement on Auditing Standards (SAS) No. 70 with the professional guidance for performing a service auditor's examination. <br />* Our hosting server, '''AWS (''''''Amazon Web Servcices), '''is FedRAMP authorized, follows ISO 27001 best practice guidance, and is a PCI DSS Level 1 Service Provider.
[[Category:Contents]]
