ISOutsource Attains SOC 2® — System Operations Controls for Service Organizations: Trust Services Criteria—Type 1 Attestation.
AICPA System and Organization Controls audit and attestation provides assurance of robust security, availability, processing integrity of systems,
Bothell, WA, July 25, 2019— ISOutsource, the premier provider of outsourced information services to small and medium-sized businesses across the West, today announced the completion of its SOC 2® — System Operations Controls for Service Organizations: Trust Services Criteria—Type 1 Audit/Attestation.
SOC 2 is a descendant of SAS 70 reports, SSAE 16, and other established auditing standards established by the American Institute of CPAs (AICPA). It provides a way for service organizations to build trust and transparency through external verification of internal controls. Using AICPA-established criteria, multidisciplinary teams composed of licensed CPAs, information technology, and security specialists perform the audit and provide reports relevant to security, availability, processing integrity, confidentiality, and privacy.
According to ISOutsource Chief Technology Officer, Andrew Healey, “Any IT support provider can claim like, ‘We do Incident Response tabletop exercises quarterly,’ but it’s nearly impossible for their clients to determine if this statement is a statement of fact or just an exaggerated marketing claim. The SOC 2 audit required ISOutsource to prove to an outside audit firm that we perform those exercises and many more. The auditors validated our policies and procedures to ensure they are suitable and effective in protecting our organization and our information systems. The entire process assures our clients that our systems are robust and secure, and our processes are mature and effective.”
Stakeholders who may benefit from this report are regulators, business partners, and most of all ISOutsource clients (and prospective clients) who operate in highly regulated industries (HIPAA, ITAR, FERPA, SEC, et al.).
The SOC 2 audit also positions ISOutsource as uniquely qualified to provide cyber-risk and compliance consulting services. “Having been through this process ourselves, we support our clients with pre-audit readiness, vendor management, risk mitigation, and cybersecurity consulting services,” Healey added.
The detailed SOC 2 Type 1 Attestation is available to prospective clients and business partners subject to an NDA.
ISOutsource is the West’s premier provider of outsourced information services: IT support and technology consulting. With offices in Seattle, Portland, Phoenix, Spokane, and Bothell, WA (corporate headquarters) the company employs nearly 90 people with the shared goal of ensuring that ISOutsource clients feel happy, productive, and supported in their use of technology.
Join the conversation with ISOutsource on LinkedIn, Facebook, and Twitter.