Ellie Mae Announces Successful Completion of SOC 2 Examination

Company Publishes SOC 2 & SOC 3 Reports

PLEASANTON, Calif. – April 16, 2013 – Ellie Mae® (NYSE: ELLI), a leading provider of enterprise level, on-demand automated solutions for the residential mortgage industry, today announced that it has recently completed its Service Organization Control 2 (SOC 2) Type II examination under AT Section 101, Attest Engagements. The successful completion of this comprehensive audit indicates that processes, procedures and controls have been formally evaluated and tested by an independent accounting and auditing firm.

The examination included the Company’s controls related to the Trust Services Principles and Criteria of Security, Availability and Confidentiality of Ellie Mae’s Software-as-a-Service (SaaS) offerings. The Company believes it is the first loan origination system (LOS) provider to undergo a SOC 2 examination.

The American Institute of Public Accountants developed new standards in 2011 known as the Service Organization Controls (SOC) reporting standards. A SOC 1 report essentially replaces the SAS 70. In the past, the SAS 70 reports focused only on internal controls for financial reporting. However, the SOC 2 and SOC 3 are new reports allowing for auditor opinions on the effectiveness of controls at a service organization relevant to security, availability, processing integrity, confidentiality and privacy.

Ellie Mae will now be entitled to use the Service Organization Logo on its website. Visitors can click on the logo and see the publicly available SOC 3 report. The SOC 2 examination report is now available to clients and prospects under terms of a confidentiality agreement.

“Today, the majority of our Encompass360® clients take advantage of our hosted SaaS offerings,” said Jonathan Corr, president and chief operating officer of Ellie Mae. “They are trusting us to protect the security and confidentiality of their data and their customers’ information. Undergoing an extensive third-party audit and achieving SOC 2 status demonstrates how seriously we take our commitment to security and availability.

“Two years ago, Ellie Mae hired David Harrison as director of our Information Risk Management Office to oversee information security and risk initiatives, performance of third-party audits and the implementation of its Governance Risk Compliance (GRC) utility. In 2012, we invested more than $8 million in capital improvements, designed to enhance system security and availability,” Corr said.

About Ellie Mae

Ellie Mae, Inc. (NYSE: ELLI) is a leading provider of on-demand automation solutions for the mortgage industry. The Company offers an end-to-end solution, delivered using a Software-as-a-Service model that serves as the core operating system for mortgage originators and spans customer relationship management, loan origination and business management. The Company also hosts the Ellie Mae Network™ that allows Encompass® users to electronically conduct business transactions with the lenders and settlement service providers they work with to process and fund loans. The Company's offerings include the Encompass, Encompass360® and DataTrac® mortgage management software systems.

Ellie Mae was founded in 1997 and is based in Pleasanton, California. To learn more about Ellie Mae, visit www.EllieMae.com or call 877.355.4362.

© 2013 Ellie Mae, Inc. Ellie Mae®, Encompass®, Encompass360®, DataTrac®, Ellie Mae Network™ and the Ellie Mae logo are registered trademarks or trademarks of Ellie Mae, Inc. or its subsidiaries. All rights reserved. Other company and product names may be trademarks or copyrights of their respective owners.


Bill Campbell
Campbell Lewis Communications

Back arrow