BuyerQuest News

BuyerQuest Achieves SOC 1 Type 2 Certification

Posted by BuyerQuest on February 13, 2017

CLEVELAND, OHIO - BuyerQuest, the nation’s leading provider of Procurement, Payables, and Punch-Out software solutions for customers in need of easily completing tasks related to invoicing, payment, and financial management, today announced that it has successfully completed a Statement on Standards for Attestation Engagement No. 16 (SSAE 16) Type II examination for their Procurement, Payables, and Punch-Out software solutions. BuyerQuest retained international business advisory firm Skoda Minotti for its SSAE 16 audit work. BuyerQuest selected Skoda Minotti after an intensive search based on Skoda Minotti’s reputation as a leading assurance solutions and compliance company.

SSAE 16, also known as a SOC 1, is an internationally recognized auditing standard developed by the American Institute of Certified Public Accountants. A SOC 1 report is performed by an independent auditing firm and examines the controls and processes involved in storing, handling, and transmitting data securely. The successful completion of the voluntary engagement illustrates BuyerQuest’s ongoing commitment to create and maintain the most stringent controls for the protection and security of its customers’ confidential information. More information about BuyerQuest and their services can be found at http://www.buyerquest.com.

The rigorous SOC 1 Type II examination, which included detailed testing of BuyerQuest’s controls, was performed by an independent licensed Certified Public Accounting firm that specializes in conducting SOC reports, PCI DSS Compliance, FISMA, NIST and other regulatory information security assessments. The auditor examined BuyerQuest’s controls related to network connectivity, firewall configuration, secure software development life cycle, computer operations, database access, data transmissions, backup, disaster recovery, fire suppression, physical security, and more. Following the audit, BuyerQuest received a Service Auditors’ Report with an unqualified opinion, demonstrating that BuyerQuest’s policies, procedures, and infrastructure for data protection, security, and confidentiality met or exceeded the stringent SOC 1 requirements.

“The successful completion of our SOC 1 Type II examination audit provides our customers with the assurance that the controls and safeguards we employ to protect and secure their data are first-rate,” said Justin Spies, Director of IT Operations.

SOC Reports have become increasingly important for data-handling service providers since the passage of the Sarbanes-Oxley legislation, which requires a company’s business partners to have adequate internal controls. BuyerQuest’s customers can easily incorporate its Service Auditors’ Report in their Sarbanes-Oxley compliance programs as proof that appropriate controls are in place. The SOC 1report can also help BuyerQuest’s customers to comply with other regulations, including HIPAA (Health Insurance Portability and Accountability Act), GLBA (Gramm-Leach-Bliley Act of 1999), and ISO 27001.

About BuyerQuest

BuyerQuest is an enterprise Procure-to-Pay solution that delivers a world-class eCommerce experience to procurement organizations all around the world. Our software streamlines and enhances the corporate buying process allowing our customers to increase user adoption, drive contract compliance, and save money. BuyerQuest combines the power of cognitive computing with the discipline of enterprise procurement, offering an agile solution that empowers companies to solve their complex procurement problems. BuyerQuest customers have the spend transparency, deep insights, and advanced intelligence capabilities they need to focus more on strategic priorities and less on tactical, lower value tasks. Global organizations use BuyerQuest to fundamentally transform their procurement experience and more efficiently manage their entire procure-to-pay process. Visit www.BuyerQuest.com to learn more.

Topics: BuyerQuest News, BuyerQuest Solution, SOC