To ensure the safety of your data at all times, we employ several layers of physical and digital security measures, in our buildings and in our servers.

• Biometric access to work areas
• Locked, active directory-controlled workstations accessible only by authorized users
• NDA signed by all employees
• Dedicated resources for FTE-based accounts to ensure data privacy
• VPN tunnels and firewalls for secure access to the network for authorized senior-level personnel only
• Physical monitoring of all buildings 24 hours a day, seven days a week, including armed night guards for additional security
• Remote CCTV monitoring
• Regular internal audits and facility monitoring
• Restricted work areas — no media, cell phones, or paper allowed in work areas for process associates
• Dual monitors for paperless function

See our pricing options.

We do provide discounts depending upon the volume and scope of work. This can be discussed after analyzing the needs of your company and the resources required to serve those needs.

GraphX will have a dedicated team of professionals working on your account—TAT for routine work is 24 hours or less. For any urgent needs, the TAT will be five hours or less if requested between 9:00 a.m. and 5:00 p.m. local U.S. time. The initial on-boarding period will be 30 days or less.

Maintaining high standards and quality of work is of utmost importance for a successful client relationship. We have several measures in place to ensure that high quality.

• Detailed time estimates for each of our deliverables
• Build tools and process automation
• Effective back-up to guarantee continuity of process
• 90 percent achievement rating for optimal quality
• Five or more hours of training each month for each employee
• 99.5 percent uptime for technical and human systems
• Resolution escalation in four hours or less
• Full transparency and access to all error reports
• Multiple redundant high-speed networks for process continuity
• Backup generators and UPS for process continuity

No.

Yes.

GraphX has a multi-level escalation path.

• Dedicated, named resources for FTE-based accounts to ensure data privacy
• Dedicated, named supervisor for high-volume clients
• Named unit manager at the offshore operations site
• Named client relationship manager in the U.S.

Our response time is 4 hours or less for resolution escalation between 9:00 a.m. and 9:00 p.m. Eastern time. Depending on escalation volume, we also provide resolution times within the client’s working time zones.

We always have about 20 percent of our staff trained and available as backup. Our current facility has a floor with 2,000 square feet of workstation space and can accommodate an additional 150 to 200 employees working in multiple shifts.

We have an in-house hiring team, but we also make use of additional HR resources if the need arises. We hire only college graduates and post-graduates with MBAs and finance degrees. Our supervisors, consultants, and unit managers have CA degrees equivalent to the U.S. CPA certification. We provide a minimum of four weeks’ training to new hires in the area of U.S.-based accounting software systems.

Yes.

We provide various methods of data transfer to suit the needs of our clients.

• Web-based scanning to our in-house document management system
• Email directly from the scanner or as attachments
• FTP directly from the scanner or via our user interface
• PDF or Excel files
• Instant-messaging services for immediate resolution
• Shared cloud storage space
• Local U.S. numbers for phone or fax communication

We do charge a nominal fee. However, this can be waived depending upon the scope and nature of the work requested.

We do prefer an annual contract. This can be adjusted based on the scope and volume of work.

We stand behind our associates’ quality of work. However, client satisfaction is of utmost importance. If we have to redo any work because of a failure on our part, we don’t charge our client for the additional work.

We have professionals who are experts in QuickBooks, SAP Business One and Microsoft Dynamics.

We support remote connectivity and services for the entire U.S. Our U.S. office is located in New York and can provide local services for the tri-state area.

GraphX’s facility and procedures are built to support fast, secure interactions. Our security philosophy is derived from AICPA best practices.

Outsourcing and Privacy: 10 Critical Questions Top Management Should Ask

AICPA – American Institute of CPAs

The key privacy concerns related to outsourcing are the same for onshore and offshore outsourcing activities. When poor practices are in place in either location and a privacy breach occurs, the results are similar: a loss of consumer trust and potential litigation from the injured party. The public’s perception is somewhat fed by the media, who tend to treat offshore privacy breaches with more scrutiny and add to the general public’s notion that foreign businesses are more mysterious and largely unknown.

Traditionally, an organization will be best served if it approaches privacy management from a best practices approach. Using good privacy practices provides a consistent approach to protecting personal information in a way that individuals can easily understand. Solid privacy practices also establish a benchmark for organizations of all sizes across all industry sectors.

An organization that wants to manage its privacy risk and implement a best practices approach to outsourcing should consider the following critical questions:

1. Who are the outsourcing organizations we contract with and where are they located?
2. Precisely what data are we sending to, and receiving from, outsourcing organizations?
3. Is the data “personal information,” and have we given notice to our customers of this data transfer?
4. What are our exposures if the data (both sent and received) is improperly accessed, used or maintained?
5. What data protection clauses do we have in these contracts?
6. What evidence do we have that these outsourcing organizations protect our data as outlined in these data protection clauses?
7. What processes are in place to monitor the outsourcing organizations?
8. Do these organizations outsource any of their processes in which our data may be further transferred to another organization?
9. What processes do the outsourcing organizations we contract with use to verify the data protection practices followed by their outsourcing partners?
10. What are the applicable privacy laws and regulations?

The process of answering these ten questions is the starting point to implement a solid outsourcing privacy environment.