Data Security & Technology
At Weltman, we dedicate a significant portion of our resources to ensuring the confidentiality, integrity, and availability of sensitive information. Our goal is to always ensure we operate in a manner that protects the firm, our clients, and their consumers, from any undue risk.
Our clients rely on us to protect their consumers' Personally Identifiable Information (PII). As a result, we have implemented industry-leading best practices in order to address potential information security and compliance risks. The key elements of our operations, including compliance, technology, and data security, are thoroughly scrutinized and run through checkpoints, both internally and externally, on a consistent basis.
Our controls are validated by third-party auditing, vulnerability assessments, and penetration testing conducted annually by certified CPA, CEH, HITRUST and PCI ASV organizations, which verifies that Weltman has the proper administrative, physical, and technical controls to address security risks.
These Audits & Certifications Include:
- FISMA Readiness
- ISO 27001
- PCI-DSS 3.2
- SOC 1 Type II
- SOC 2 Type II
Additional layers of security for the firm include our robust Incident Response, Business Continuity, and Disaster Recovery Plans, which detail our firm's processes for the detection, reporting, response, management rules, recording, evaluation, impact analysis, isolation, escalation, restoration, and notification of handling any event that might interrupt our operations or security.