eOriginal, Inc. Successfully Completes SSAE 16 SOC 1 Type 1 Audit
BALTIMORE – eOriginal, Inc., the digital transaction experts, today announced that it has successfully completed a Statement on Standards for Attestation Engagements (SSAE) No. 16, Service Organization Control 1 (“SOC 1”) Type 1 audit. The audit examined the controls and processes involved in storing, handling, and transmitting data securely.
“The successful completion of this voluntary audit illustrates eOriginal’s ongoing commitment to create and maintain the most stringent controls for the protection and security of its customers’ confidential information,” said eOriginal President and CEO Stephen Bisbee.
The Type 1 audit, which included a review of eOriginal’s controls, was performed by an independent licensed Certified Public Accounting firm that specializes in conducting SSAE 16 audits. The auditing firm examined eOriginal’s controls related to firewall configurations, information security, computer operations, data communications, data access, application changes, backups, physical security, and more.
Following the audit, eOriginal received a Service Auditor’s Report with an unqualified opinion, demonstrating eOriginal’s policies, procedures and infrastructure for data protection, security and confidentiality met or exceeded the stringent SSAE 16 criteria.
Service organization audits (SSAE 16) have become increasingly important for data-handling service providers since the passage of the Sarbanes-Oxley legislation, which requires a company’s business partners to have adequate internal controls. SSAE 16 replaced the Statement on Auditing Standards No. 70, commonly known as a SAS 70. Like the SAS 70, the SSAE 16 is an internationally recognized auditing standard developed by the American Institute of Certified Public Accountants.
eOriginal customers can easily incorporate its Service Auditor’s Report in their Sarbanes-Oxley compliance programs as proof that appropriate controls are in place. The SSAE 16 audit can also help eOriginal’s customers to comply with other regulations, including the Gramm-Leach-Bliley Act of 1999 and International Organization for Standardization 27002.