Optio Solutions Renews Certification for Data Security and Internal Controls

by Sarah Harvey / June 22nd, 2018

Petaluma, CA — Optio Solutions, a national debt collection agency, has received its annual attestation for payment card information security (PCI DSS 3.2) and controls affecting clients’ financial statements (SOC 1 Type II) as well as a third attestation for non-financial reporting controls  (SOC 2 Type II). KirkpatrickPrice, a licensed CPA and Qualified Security Assessor, conducted all three audits.

“Many Optio clients rely on their systems to process or store sensitive data and protect information,” said Joseph Kirkpatrick, president of KirkpatrickPrice. “As a result, Optio Solutions has implemented best practice controls to address information security and compliance risks. Our third-party opinion validates these controls while the tests we perform provide assurance regarding Optio services.”

The PCI Data Security Standards (see PCI DSS 3.2) establish technical and operational requirements for merchants and service providers using, storing or transmitting payment card data. Focus areas include security management, policies and procedures, network architecture, software design, and other critical protective procedures.

“These certifications confirm our commitment to protecting clients and consumers with best-in-class data security and internal controls,” said President and CEO Chris Schumacher of Optio Solutions.

System and Organization Controls (SOC) reports are performed by CPAs to determine a service organization’s system-level controls or entity-level controls of other organizations. The guidelines were established by the American Institute of Certified Public Accountants (AICPA).

SOC 1 Type II reports are compliant with the Statements on Standards for Attestation Engagement (SSAE 18) and assess the controls at service organizations that are relevant to user entities’ internal control over financial reporting throughout a specific period. The audit conducted by KirkpatrickPrice included a thorough testing of Optio controls over a minimum six-month period.

SOC 2 Type II reports focus on the effectiveness of a service organization’s non-financial reporting controls relating to security, availability, processing integrity, confidentiality, and privacy of a system.

About Optio Solutions, LLC

Optio Solutions, LLC is a national debt collection agency focused on protecting its clients’ brands and improving ROI via extensive financial services experience, advanced technology, certified data security, legal compliance and professionally designated staff. Optio is a member of ACA International and the California Association of Collectors.