Optio Solutions Meets Payment Card Industry Data Security Standards and Receives SOC 1 Type II Attestation

by Sarah Harvey / December 14th, 2016

Petaluma, CA – December 2016– Optio Solutions, an accounts receivable management and debt collection agency, today announced that it has completed its PCI audit and received their Report on Compliance (ROC) and completed its SSAE 16 (SOC 1) Type II audit.  These reports verify that Optio Solutions adheres to the Payment Card Industry Security Data Standard and has the proper internal controls and processes in place to deliver high quality services to its clients.

KirkpatrickPrice, a licensed CPA and PCI QSA firm, performed the audit and appropriate testing of Optio Solutions’ controls that are relevant to the storing and transmitting of information from credit, debit, or other payment cards.  In accordance with the PCI Security Standards Council, KirkpatrickPrice’s Qualified Security Assessors assisted Optio Solutions in becoming PCI compliant.

KirkpatrickPrice also performed the audit and appropriate testing of Optio Solutions’ controls that may affect its clients’ financial statements. In accordance with SSAE 16 (Statements on Standards for Attestation Engagements), the SOC 1 Type II audit report includes Optio Solutions’ controls as well as the detailed testing of its controls over a minimum six-month period.

“Successfully completing the SSAE 16 audit highlights our commitment to protecting our client’s brand by providing them with a high level of data security,” said Optio President and CEO Chris Schumacher.

The PCI Data Security Standard is a complex security standard that focuses on security management, policies, procedures, network architecture, software design, and other critical protective procedures.  These security standards are relevant to any merchant or service provider that uses, stores or transmits information from a payment card.

“Many of Optio Solutions’ clients rely on their systems to process or store sensitive data and protect information,” said Joseph Kirkpatrick, Managing Partner with KirkpatrickPrice. “As a result, Optio Solutions has implemented best practice controls demanded by their customers to address information security and compliance risks. Our third-party opinion validates these controls and the tests we perform provide assurance regarding the accounts receivables management services provided by Optio Solutions.”

SOC 1 Type II is a reporting on the controls at a service organization that was established by the American Institute of Certified Public Accountants (AICPA). This report is in compliance with the SSAE 16 auditing standards which focus on the controls of a service organization that are relevant to an audit of a user entity’s financial statements. The standard demonstrates that an organization has adequate controls and processes in place. Federal regulations such as Sarbanes-Oxley, Gramm-Leach-Bliley and the Health Insurance Portability and Accountability Act (HIPAA) require corporations to audit the internal controls of their suppliers, including those that provide technology services.

About Optio Solutions, LLC

Optio Solutions, LLC is a national debt collection agency focused on protecting its clients’ brand and improving ROI via extensive financial services experience, advanced technology, certified data security, legal compliance, and professionally designated staff. Optio is a member of ACA International and the California Association of Collectors.

About KirkpatrickPrice, LLC

KirkpatrickPrice is a licensed CPA and PCI QSA firm providing assurance services to over 500 clients in more than 46 states, Canada, Asia, and Europe. The firm has over 12 years of experience in information security and compliance assurance by performing assessments, audits, and tests that strengthen information security and internal controls. KirkpatrickPrice most commonly provides advice on SSAE 16, SOC 2, HIPAA, PCI DSS, ISO 27001, FISMA, and CFPB frameworks. www.kirkpatrickprice.com