Petaluma, CA — Optio Solutions, a national debt collection agency, has received its annual attestation for payment card information security (PCI DSS 3.2) and controls affecting clients’ financial statements (SOC 1 Type II) as well as a third attestation for non-financial reporting controls (SOC 2 Type II). KirkpatrickPrice, a licensed CPA and Qualified Security Assessor, conducted all three audits.
“Many Optio clients rely on their systems to process or store sensitive data and protect information,” said Joseph Kirkpatrick, president of KirkpatrickPrice. “As a result, Optio Solutions has implemented best practice controls to address information security and compliance risks. Our third-party opinion validates these controls while the tests we perform provide assurance regarding Optio services.”
The PCI Data Security Standards (see PCI DSS 3.2) establish technical and operational requirements for merchants and service providers using, storing or transmitting payment card data. Focus areas include security management, policies and procedures, network architecture, software design, and other critical protective procedures.
“These certifications confirm our commitment to protecting clients and consumers with best-in-class data security and internal controls,” said President and CEO Chris Schumacher of Optio Solutions.
System and Organization Controls (SOC) reports are performed by CPAs to determine a service organization’s system-level controls or entity-level controls of other organizations. The guidelines were established by the American Institute of Certified Public Accountants (AICPA).
SOC 1 Type II reports are compliant with the Statements on Standards for Attestation Engagement (SSAE 18) and assess the controls at service organizations that are relevant to user entities’ internal control over financial reporting throughout a specific period. The audit conducted by KirkpatrickPrice included a thorough testing of Optio controls over a minimum six-month period.
SOC 2 Type II reports focus on the effectiveness of a service organization’s non-financial reporting controls relating to security, availability, processing integrity, confidentiality, and privacy of a system.
About Optio Solutions, LLC
Optio Solutions, LLC is a national debt collection agency focused on protecting its clients’ brands and improving ROI via extensive financial services experience, advanced technology, certified data security, legal compliance and professionally designated staff. Optio is a member of ACA International and the California Association of Collectors.
About KirkpatrickPrice, LLC
KirkpatrickPrice is a licensed CPA firm, PCI QSA, and a HITRUST CSF Assessor, registered with the PCAOB, providing assurance services to over 700 clients in more than 48 states, Canada, Asia, and Europe. The firm has over 13 years of experience in information security and compliance assurance by performing assessments, audits, and tests that strengthen information security and internal controls. KirkpatrickPrice most commonly provides advice on SOC 1, SOC 2, HIPAA, HITRUST CSF, PCI DSS, GDPR ISO 27001, FISMA, and CFPB frameworks. For more information, visit www.kirkpatrickprice.com, follow KirkpatrickPrice on Twitter (@KPAudit), or connect with KirkpatrickPrice on LinkedIn.