The SOC 2 certification is an assurance of the service organisation's principal service commitment in accordance with International Standard on Assurance Engagements (ISAE) 3000 issued by the International Auditing and Assurance Standards Board (IAASB).
The certification also provides assurances about whether the controls have been designed and operated effectively based on the applicable Trust Service Criteria (TSC).
FAB has engaged independent service auditors to review the applicable trust services criteria for information security services offered to FAB’s international branches. The scope of the certification includes India, France, Hong Kong, Singapore, the United States of America, the United Kingdom, Kuwait and Saudi Arabia for the service offered from 1 February 2023 to 31 October 2023.
The SOC 2 Trust Services Criteria includes:
Security
This criteria is also known as common criteria and is included to demonstrate that systems at a service organisation are protected against unauthorised access and other risks that could impact the service organisation’s ability to provide the services promised to clients.
Availability
This is included where service organisations need to demonstrate that their systems are available at all times.
Processing integrity
This demonstrates that system processing is occurring accurately and in a timely manner.
Confidentiality
This is included to demonstrate that data classified as confidential is protected.