The SOC (System and Organization Controls Reports) Audit is a report issued by a professional third-party accounting firm, after auditing the system and internal control of the outsourcing service organization, guided by American Institute of Certified Public Accountants (AICPA)。 It covers five areas: security, confidentiality, usability, processing integrity and privacy。 Lily & Beauty passed the SOC2 Type I audit in July 2018 and the SOC2 Type II and SOC3 audit in February 2019。 Moreover, it obtained the audit report issued by Ernst & Young, the first E-commerce retail company in China that has passed the SOC2 audit。
In accordance with the “Basic Requirements for the Security Level Protection of Information- System Information Security Technology” (GB/T 22239-2008), S3A3G3 in the “Measures for the Protection of Information Security Levels” promulgated by the Ministry of Public Security and other three ministries, Lily & Beauty passed the 3rd level in March 2018 with a high score and put on record as Level 3 of Information System Security Level Protection。
Since June 2018, the company has fully used the Symantec Endpoint Protection (SEP) software, the highest standard in the industry, and the Data Loss Prevention (DLP) tool, to effectively ensure the security of terminal equipment and significantly improve the level of information security protection。
At the end of 2017, to face the unique information security challenges of the Internet industry, the company set up an information security department to systematically integrate fragmented and trapped information security management of traditional enterprises by integrating management principles such as integrating resources, defining responsibilities, and strengthening processes. The trend of pre-staged and systematic transformation aims to minimize the risk of information leakage and protect consumer rights.
In case you need to check the certificate of compliance or report, please send an email to