CBOSS Earns New Certification (SSAE 16) and Renewal for Data Security Compliance (PCI DSS)
CBOSS has received a new certification in globally accepted international accounting standards. The Statement on Standards for Attestation Engagements (SSAE) 16 Type II audit examines, with independent assurance, if an organization is operating effectively in the areas of security, availability, processing integrity, confidentiality, and privacy.
BOARDMAN, OH (PRWEB) June 26, 2012
CBOSS, Inc., the leading provider of PCI DSS-compliant, secure online payment solutions for various industries, including healthcare, government and regulated industries, has received a new certification in globally accepted international accounting standards, as well as a renewal of its certification for the Payment Card Industry Data Security Standard (PCI DSS).
The Statement on Standards for Attestation Engagements (SSAE) 16 Type II will bring companies in the U.S. up to date with the globally accepted accounting reporting standards of international service organizations.
“Achieving this new SSAE 16 Type II standard is a positive enhancement for us because it provides an independent assurance to organizations around the world that they can trust CBOSS with their sensitive data,” said Mo Faisal, Chief Information Security Officer at CBOSS.
The SSAE 16 Type II examination is conducted in accordance with attestation standards established by the American Institute of Certified Pubic Accountants (AICPA). These standards require that external auditors plan and perform their examination to obtain reasonable assurance that the controls around CBOSS applications are operating effectively.
These standards provide an independent assurance that CBOSS is adhering to the principles of SSAE 16:
- Security — The system is protected against unauthorized access, both physical and logical
- Availability — The system is available for operation and use
- Processing Integrity — System processing is complete, accurate, timely and authorized
- Confidentiality — Confidential information is protected
- Privacy — Personal information is collected, used, retained, disclosed and destroyed in accordance with the privacy criteria of CBOSS and the AICPA.
CBOSS´ PCI-DSS compliance is classified as a Level I Service Provider, meaning that as a service provider it processes over 300,000 transactions annually. CBOSS has been a Level I service provider since 2007.
The four major credit card companies – VISA, MasterCard, American Express and Discover – initiated the PCI-DSS certification program to help ensure the highest level of security standards are met by companies that process credit card data.
“Earning this renewal offers assurances to our clients that we continue to have the proper controls in place to safely and securely process payment data for services,” Faisal adds. “Certification also means that our standards have met rigorous onsite audits by an independent auditing firm and our IT systems, processes and policies continue to meet the stringent PCI-DSS requirements.”
CBOSS, based in Boardman, Ohio, is well known for its management of the Ohio Bureau of Motor Vehicles (BMV) OPLATES.com website, which includes the processing of all online payments for license plates from the site. CBOSS has provided the State of Ohio with these services under contract since 2000. CBOSS is also gaining recognition in the health care industry for the CBOSS CPP software.
From enterprise software solutions to managed services, CBOSS specializes in the design and implementation of portal solutions for e-payment processing, workflow automation and content management using industry-standard platforms and tools. Since 1994 over 700 businesses and government agencies have looked to CBOSS to deliver feature-rich services and solutions that are cost-effective, reliable and secure. CBOSS has achieved Level I compliance with the Payment Card Industry (PCI) Data Security Standard, which provides the highest levels of security for e-commerce and other e-payment processing services. Visit them at http://www.cboss.com.
For the original version on PRWeb visit: http://www.prweb.com/releases/prweb2012/6/prweb9638556.htm