Corodata Receives SOC 1 Type II Attestation

by Sarah Harvey / February 8th, 2018

Independent Audit Verifies Corodata’s Internal Controls and Processes

Poway, CA — Corodata, an Information Management Company, announced that it has completed the rigorous SSAE 18 (SOC 1) Type II Audit. Now more than ever, independent audits like SOC 1 Type II are imperative for protecting confidential information. This attestation verifies that Corodata has the proper internal controls and processes in place to deliver high-quality records management services to its clients. KirkpatrickPrice, a licensed CPA, and PCI QSA firm performed the audit and appropriate testing of Corodata’s controls that validates our process and security controls. In accordance with SSAE 18 (Statements on Standards for Attestation Engagements), the SOC 1 Type II audit report includes Corodata’s description of controls as well as the detailed testing of its controls over a minimum six-month period.

The Importance of Independent Audits

“Many of Corodata’s clients rely on them to protect consumer information,” said Joseph Kirkpatrick, Managing Partner with KirkpatrickPrice. “As a result, Corodata has implemented best practice controls demanded by their customers to address information security and compliance risks. Our third-party opinion validates these controls and the tests we perform provide assurance regarding the managed solutions provided by Corodata.”

What Exactly is SOC 1 Type II?

SOC 1 Type II is a reporting on the controls at a service organization that was established by the American Institute of Certified Public Accountants (AICPA). This report is in compliance with the SSAE 18 auditing standards which focus on the controls of a service organization that are relevant to an audit of a user entity’s financial statements. The standard demonstrates that an organization has adequate controls and processes in place. Without these best practices, organizations can put the confidential and sensitive information of their clients at risk of identity theft, data breaches, and more. Federal regulations such as Sarbanes-Oxley, Gramm-Leach-Bliley and the Health Insurance Portability and Accountability Act (HIPAA) require corporations to audit the internal controls of their suppliers, including those that provide technology services.

What Does This Mean for Corodata?

As the largest independent records management company in California, Corodata strives for the highest levels of certification in compliance, meeting and exceeding legal requirements. Receiving this attestation puts Corodata in a position once again to exceed the industry standards expected of records management companies. Considering more than 10,000 California companies employ Corodata’s services, the SSAE 18 (SOC 1) Type II Audit goes a long way in securing the important information of California businesses.

About Corodata

For over 60 years, Corodata has been providing quality services to California businesses. Family-owned and operated since 1948, Corodata is the largest independent records management company in California. Corodata offers a full range of services including records storage, shredding, scanning, tape, and cloud data protection.

About KirkpatrickPrice

KirkpatrickPrice is a licensed CPA firm, PCI QSA, and a HITRUST CSF Assessor, registered with the PCAOB, providing assurance services to over 550 clients in more than 48 states, Canada, Asia, and Europe. The firm has over 11 years of experience in information security and compliance assurance by performing assessments, audits, and tests that strengthen information security and internal controls. KirkpatrickPrice most commonly provides advice on SOC 1, SOC 2, HIPAA, HITRUST CSF, PCI DSS, ISO 27001, FISMA, and CFPB frameworks. For more information, visit kirpatrickprice.com follow KirkpatrickPrice on Twitter @KPAudit, or connect with KirkpatrickPrice on Linkedin.