BuyerQuest News

BuyerQuest Adds SOC 2 Type 2 Certification

Posted by BuyerQuest on February 15, 2017

CLEVELAND, OH  - BuyerQuest Inc., the leading provider in enterprise Procure-to-Pay ("P2P") technology solutions in the cloud, announced today that it that it has successfully completed a Service Organization Controls (SOC) Audit Type 2 examination for their Procurement, Payables, and Punch-Out Solutions. BuyerQuest Inc. retained international business advisory Skoda Minotti to perform the SOC audit. BuyerQuest Inc. selected Skoda Minotti after an intensive search based on Skoda Minotti's reputation as a leading assurance solutions and compliance company.

"The successful completion of our SOC 2 audit provides our customers with the assurance that the controls and safeguards we employ to process and safeguard their data meet and, in many cases exceed, industry best practices," said Justin Spies, Director of IT Operations, BuyerQuest, Inc.

SOC is an internationally recognized auditing standard developed by the American Institute of Certified Public Accountants. A SOC 2 report is performed by an independent auditing firm and examines the controls and processes involved in storing, handling, and transmitting data securely.

Skoda Minotti examined BuyerQuest Inc.'s controls related to network connectivity, firewall configuration, secure software development life cycle, computer operations, database access, data transmissions, backup, disaster recovery, fire suppression, physical security, and more. Following the audit, BuyerQuest Inc. received a Service Auditors' Report with an unqualified opinion, demonstrating that BuyerQuest Inc.'s policies, procedures, and infrastructure for data protection, security, and confidentiality met or exceeded the stringent SOC 2 criteria.

Ben Osbrach, CISSP, CISA, QSA, partner-in-charge of Skoda Minotti's risk advisory group says, "We were excited to work with BuyerQuest Inc. from the very start, they are an intriguing organization delivering high quality software services and this adds to our growing SOC reporting practice. Software as a Service providers continue to be a key industry for SOC reporting."

The successful completion of the voluntary engagement illustrates BuyerQuest Inc.'s ongoing commitment to create and maintain the most stringent controls for the protection and security of its customers' confidential information.

SOC Reports have become increasingly important for data-handling service providers since the passage of the Sarbanes-Oxley legislation, which requires a company's business partners to have adequate internal controls. BuyerQuest Inc.'s customers can easily incorporate its Service Auditors' Report in their Sarbanes-Oxley compliance programs as proof that appropriate controls are in place. The SOC 2 report can also help BuyerQuest Inc.'s customers to comply with other regulations, including HIPAA (Health Insurance Portability and Accountability Act), GLBA (Gramm-Leach-Bliley Act of 1999), and ISO 27001.

About BuyerQuest

BuyerQuest is a world-class Spend Management Software and Services company, founded on the core belief that the enterprise procurement experience can and should be just as easy as an everyday B2C e-commerce shopping experience. BuyerQuest delivers its end-users a world class shopping experience for all goods and services across the enterprise. Procurement and Accounts Payable organizations are empowered by BuyerQuest's intuitive administration tools to operationalize their contracts and drive compliance through widespread user adoption coupled with advanced intelligence capabilities.

Topics: BuyerQuest News, SOC