CBOSS Receives SOC 1 Type II Attestation and Meets Payment Card Industry Data Security Standards

by Sarah Harvey / September 18th, 2017

Independent Audit Verifies CBOSS’s Internal Controls and Processes and PCI Compliance

Poland, OH – CBOSS, an e-payment service provider, today announced that it has completed its SSAE 18 (SOC 1) Type II and PCI audits. This attestation verifies that CBOSS has the proper internal controls and processes in place to deliver high quality services to its clients.

KirkpatrickPrice, a licensed CPA and PCI QSA firm, performed the audit and appropriate testing of CBOSS’s controls that may affect its clients’ financial statements. In accordance with SSAE 18 (Statements on Standards for Attestation Engagements), the SOC 1 Type II audit report includes CBOSS’s description of controls as well as the detailed testing of its controls over a minimum six-month period. The standard demonstrates that an organization has adequate controls and processes in place.

KirkpatrickPrice also performed the audit and appropriate testing of CBOSS’s controls that are relevant to the storing and transmitting of information from credit, debit, or other payment cards.  In accordance with the PCI Security Standards Council, KirkpatrickPrice’s Qualified Security Assessors assisted CBOSS in becoming PCI compliant. The PCI Data Security Standard is a complex security standard that focuses on security management, policies, procedures, network architecture, software design, and other critical protective procedures.  These security standards are relevant to any merchant or service provider that uses, stores or transmits information from a payment card.

“Many of CBOSS’s clients rely on their systems to protect consumer information, process or store sensitive data, and protect information,” said Joseph Kirkpatrick, Managing Partner with KirkpatrickPrice. “As a result, CBOSS has implemented best practice controls demanded by their customers to address information security and compliance risks. Our third-party opinion validates these controls and the tests we perform provide assurance regarding the managed solutions and accounts receivables management services provided by CBOSS.”

“Our partnership with KirkpatrickPrice has been instrumental in our efforts of security and compliance; crossing over multiple frameworks,” said Douglas Carr, General Manager with CBOSS. “As a result, CBOSS is able to more effectively manage security and compliance and to deliver on our promise of securing our client’s data as part of our online payment service offering.”


From enterprise software solutions to managed services, CBOSS specializes in the design and implementation of portal solutions for e-payment processing using industry-standard platforms and tools. Since 1994 over 700 businesses and government agencies have looked to CBOSS to deliver feature-rich services and solutions that are cost-effective, reliable and secure. CBOSS has renewed its Level I compliance with the Payment Card Industry (PCI) Data Security Standard, which provides the highest levels of security for e-commerce and other e-payment processing services. For more information, visit www.cboss.com, follow CBOSS on Twitter (@CBOSSInc), connect with CBOSS on LinkedIn, or like them on Facebook.

About KirkpatrickPrice

KirkpatrickPrice is a licensed CPA firm, PCI QSA, and a HITRUST CSF Assessor, registered with the PCAOB, providing assurance services to over 600 clients in more than 48 states, Canada, Asia, and Europe. The firm has over 12 years of experience in information security and compliance assurance by performing assessments, audits, and tests that strengthen information security and internal controls. KirkpatrickPrice most commonly provides advice on SOC 1, SOC 2, HIPAA, HITRUST CSF, PCI DSS, ISO 27001, FISMA, and CFPB frameworks. For more information, visit www.kirkpatrickprice.com, follow KirkpatrickPrice on Twitter (@KPAudit), or connect with KirkpatrickPrice on LinkedIn.