PCI Successfully Completes SOC/FISMA Examinations for 2022

by Lindsay Culbreath / February 2nd, 2023

January 23, 2023 – Norman, OK – PCI Energy Solutions is pleased to announce its successful completion of the Service Organization Controls 1 Type II (SOC 1 Type II) and Service Organization Controls 2 Type II (SOC 2 Type II) attestation issued under the American Institute of Certified Public Accounts (AICPA) and Statement on Standards for Attestation Engagements No. 18 (SSAE 18) for 2022.

After a thorough external audit, the SOC reports were prepared and issued by the leading external audit firm KirkpatrickPrice for the evaluation period ending in October 2022. The audit results indicate that PCI’s controls as a cloud service provider are appropriately designed and effectively executed. This marks PCI’s 11th consecutive year to be issued unqualified SOC reports.  

Additionally, PCI is pleased to announce its successful completion of a compliance audit on the Federal Information Security Management Act of 2002 (FISMA) using the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53 Revision 5 framework.

After a thorough external audit, a FISMA Compliance Report was prepared and issued by KirkpatrickPrice, attesting that PCI has implemented safeguards that meet the protections required by FISMA using the NIST SP 800-53 rev.5 framework. The audit results indicate that PCI’s information security program is operating with sufficient effectiveness to provide reasonable assurance that the security, confidentiality, and integrity of nonpublic personal information is protected as of Oct. 31, 2022.

“Cybersecurity is critical to us and our clients who manage mission-critical operations by leveraging our solutions and services,” said Peter Samoray, director of IT Security at PCI. “Adhering to the latest standards and maintaining a best-practices approach is a non-negotiable commitment to our customers.”  

These reports provide assurance that PCI’s hosted solutions will meet its customers’ security needs on a best-in-class cloud platform. PCI works globally with a variety of customers, including federal and state entities, and strives to comply with industry best practices to deliver secure and reliable software solutions.

If you’re interested in learning more about how your organization can protect itself against evolving cybersecurity threats, head to our Cybersecurity page and request access to a recent webinar led by our director of IT Security.

About PCI Energy Solutions:

We empower energy companies to continuously optimize all aspects of energy production, trading, transportation, and consumption. We’re a tight-knit team of 300 diligent product experts, engineers, business analysts, and more, implementing software solutions in close partnership with power generation companies from across the world — our customers literally keep the lights on for everyone. We’re based in Norman (Oklahoma) with offices in Houston (Texas), Raleigh (North Carolina), Mexico City (Mexico), Lima (Peru), and Sydney (Australia). Learn more at pcienergysolutions.com.

About KirkpatrickPrice:

KirkpatrickPrice is the leader in cyber security and compliance audit reports. Their experienced auditors know audits are hard, so they take complicated audits such as SOC 1, SOC 2, PCI DSS, HIPAA, HITRUST, GDPR, and ISO 27001 and make them worth it. The firm has issued over 10,000 reports to over 1,200 clients worldwide, giving its clients trusted results and the assurance they deserve. Using its Online Audit Manager, the world’s first compliance platform, KirkpatrickPrice partners its clients with an expert to guide them through the entire audit process, from audit readiness to final report. For more information, visit kirkpatrickprice.com, follow KirkpatrickPrice on LinkedIn, or subscribe to their YouTube channel.

Media Contact:
Morgan Day
PCI Energy Solutions
(405) 447-6933