Petaluma, Calif. (Oct. 15, 2019) — National debt collection agency Optio Solutions recently received four certifications that are essential components of operating a best-in-class organization in the credit and collections industry. Three of the certifications (PCI DSS 3.2, SOC 1 Type II, and SOC 2 Type II) were annual renewals while the fourth (SOC 3) is new to Optio.
“These attestations represent our commitment to maintaining the finest data security standards, financial reporting controls and corporate compliance,” said President and CEO Chris Schumacher of Optio Solutions. “The addition of SOC 3 certification provides greater transparency since it enables us to share the effectiveness of our non-financial controls in a general use report.”
KirkpatrickPrice, a licensed CPA and Qualified Security Assessor, conducted the audits and issued the attestations for all four certifications in late May.
“Optio Solutions’ clients rely on them to protect sensitive consumer information,” said Joseph Kirkpatrick, president of KirkpatrickPrice. “Optio Solutions has implemented best practice controls demanded by their customers to address information security and compliance risks. Our third-party opinion validates these controls and the tests we perform provide assurance regarding the managed solutions provided by Optio Solutions.”
PCI Data Security Standards (PCI DSS 3.2) establish technical and operational requirements for merchants and service organizations using, storing or transmitting payment card data. Focus areas include security management, policies and procedures, network architecture, software design, and other critical protective procedures.
According to the American Institute of Certified Public Accountants (AICPA), System and Organization Controls (SOC) determine a service organization’s system-level controls or entity-level controls of other organizations.
SOC 1 Type II reports are compliant with the SSAE 18 auditing standards and evaluate clients’ internal control over financial reporting at service organizations throughout a specific period.
SOC 2 Type II reports audit the effectiveness of controls that are relevant to the security, availability, and processing integrity of systems that service organizations use to process clients’ data as well as the confidentiality and privacy of the information that is processed. Based on the AICPA’s Trust Services Criteria, these reports benefit service organizations because they can provide corporate oversight and governance, vendor management, risk management, and compliance.
Use of SOC 1 and SOC 2 reports is restricted to the management of the service organization, user entities, and user auditors.
SOC 3 reports also assess the effectiveness of controls at a service organization relevant to security, availability, processing integrity, confidentiality or privacy, but they may be freely distributed.
The audits conducted by KirkpatrickPrice for the three SOC certifications included a thorough testing of Optio controls between April 22, 2018 and April 21, 2019.
About Optio Solutions, LLC
Optio Solutions, LLC is a national debt collection agency focused on protecting its clients’ brands and improving ROI via extensive financial services experience, advanced technology, certified data security, legal compliance and professionally designated staff. Optio is a member of ACA International and the California Association of Collectors.
About KirkpatrickPrice, LLC
KirkpatrickPrice is a licensed CPA firm, PCI QSA, and a HITRUST CSF Assessor, registered with the PCAOB, providing assurance services to over 900 clients in more than 48 states, Canada, Asia, and Europe. The firm has over 13 years of experience in information security and compliance assurance by performing assessments, audits, and tests that strengthen information security and internal controls. KirkpatrickPrice most commonly provides advice on SOC 1, SOC 2, HIPAA, HITRUST CSF, PCI DSS, GDPR ISO 27001, FISMA, and CFPB frameworks. For more information, visit www.kirkpatrickprice.com, follow KirkpatrickPrice on Twitter (@KPAudit), or connect with KirkpatrickPrice on LinkedIn.
707-665-2100 ext. 9503