Security Controls Statement

Covius maintains a robust Information Security program compromised of operational, technical, and physical security control measures. Covius aligns its security principles to GLBA regulatory requirements, the ISO27001 framework, and AICPA SOC2 audit compliance.

All client data is classified as Confidential with stringent data handling controls. Operational facilities are secured to prevent unauthorized physical access, damage, and interference to business premises.
Covius IT operational controls adhere to the ITIL framework with a commitment to continual process improvement. Covius leverages a fault tolerant network design, and maintains geographically diverse data center facilities for business resiliency.

Covius is AICPA SOC2 Type II certified with assessments performed annually. The SOC2 report is available upon request with a signed non-disclosure agreement.