SSAE18 Audited

We’ll keep your business IT optimized so you can reach your goals more efficiently

RESULTS Technology has successfully completed the SSAE 18 SOC 2 compliance for 2018. SSAE 18 (Statement on Standards for Attestation Engagements No. 18) is the gold standard for the validation of a service organization’s operations and procedures. RESULTS is audited annually in nine specific areas including all aspects of data and physical security, data backup, network monitoring, change management and systems maintenance.

Successfully completing the SSAE 18 audit demonstrates that we are committed to best practices and continually ensure our process management meets the highest industry standards. Our ability to successfully pass this rigorous, in-depth audit verifies RESULTS has the proper controls and processes in place to deliver the high-quality services our customers expect.

The completion of the audit is of particular importance to RESULTS’ financial services customers for which SSAE 18 compliance is often a requirement. The audit was completed, Oread Risk and Advisory, LLC.

This audit standard provides our customers assurances that RESULTS follows the controls and procedures we have in place. This transparency assures our customers and their auditors that RESULTS provides confidential, secure and quality managed services.

sideimg-soc

What Does This Mean?

SOC refers to Service Organization Controls. These are comprised of a series of standards designed to help measure how well a given service organization controls its information. SOC 2 concerns the internal controls in place at the service organization. For a company to receive SOC 2 certification, it must have sufficient policies and strategies that satisfactorily protect the client’s data.

SOC 2 is designed for more advanced IT service providers. These can include IT managed service providers, cloud computing vendors, data centers, Software-as-a-Service companies and more.

The SOC 2 framework includes five key sections, forming a set of criteria called the Trust Services Principles. These include:

  • The security of the service provider’s system.
  • The processing integrity of this system.
  • The availability of this system.
  • The privacy of personal information that the service provider collects, retains, uses, discloses and disposes of for user entities.
  • The confidentiality of the information that the service provider’s system processes or maintains for user entities.

If you are under compliance regulations, you may be required to work only with vendors who have successfully completed this audit. Even if you are not under any compliance regulations, you should still consider requiring this audit from any vendor who has access to your company’s data.

Compliance is a big fact of life. It affects organizations of all sizes, including commercial enterprises, government agencies, and public-sector entities. At the core, compliance mostly concerns obedience to laws and regulations, especially regarding use of information technology. Failure to comply can trigger penalties, embarrassing public disclosure of breaches, and other potential damages to an enterprise.

RESULTS’ Compliance Solutions, has all of the tools necessary to be compliant with almost all IT compliance regulations and requirements. Compliant with PCI, compliant with Sarbanes-Oxley, compliant with HIPAA. We have built this service around the Federal Financial Institution Examination Council (FFIEC) guidelines…some of the strictest compliance standards in existence.

Part of our Compliance Solutions package involves working directly with our Chief Technology Officer to develop a compliance strategy, procedures, and processes throughout the company that are effective and efficient in identifying, preventing, detecting and correcting noncompliance with current rules and regulations.

In a recent survey, 97% of respondents say that RESULTS’ Chief Technology Officer provides them the expertise and guidance needed to meet their compliance requirements.

Our Chief Technology Officer is also a certified CISA, Certified Information Systems Auditor, so you know you will be working with an expert who can leverage standards, manage vulnerabilities, ensure compliance, offer solutions, implement controls and deliver value to your company.

If you are required to follow compliance guidelines you may also be required to work only with vendors who are audited for their operations and controls. RESULTS regularly undergoes an SSAE 16 SOC II compliance audit by an external audit firm. This audit standard provides our customers’ assurances that RESULTS follows the controls and procedures we have in place. This transparency assures our customers and their auditors that RESULTS provides confidential, secure, and quality managed services. Even if you are not under any compliance regulations, you should still consider requiring this audit from any vendor who has access to your company’s data.

So if you are looking for a technology compliance partner who you can trust to guide you through the complex world of the Payment Card Industry Data Security Standard (PCI DSS), the Sarbanes-Oxley Act (SOX), the Health Insurance Portability & Accountability Act (HIPAA) or any other type of U.S. IT compliance requirement, look no further than RESULTS Technology.

“The documentation and reports that RESULTS provides has helped us with our compliance needs. I would definitely recommend RESULTS to a friend.”

- Employee of a collection services company in Shawnee-