Winter Haven, FL, July 12, 2017 — CertiPay, a national Payroll, Human Resources and Benefits Enrollment solutions company, is pleased to announce the successful completion of its annual Statement on Standards for Attestation Engagements (SSAE) 18 Type II audit for 2016. Completion of the SSAE 18 audit provides evidence of CertiPay’s strong commitment to the integrity of its web-based applications, including benefits enrollment, HR and payroll processing tools.
The results of the audits were “unqualified,” meaning that the control measures in place are effective and operating as designed. “Receiving an unqualified report validates our commitment to adhere to nationally recognized standards of quality and process control principles,” said Scott Schwarb, Director of Treasury and Tax for CertiPay. “The results of the audit are further evidence to our clients that their trust in us to provide privacy and security is well founded.”
SSAE 18 is a recognized third-party assurance audit for service providers. To ensure a comprehensive audit for both reports, CertiPay identified 14 areas of control, including enterprise-wide management systems, policies and procedures, network operations, data, change management, design and development, implementation, security, computer controls, accounting and billing processes. Since initiating audits of this kind, CertiPay has consistently received unqualified reports.
“The SSAE 18 compliance designation affirms CertiPay’s commitment to meet the highest industry standards for delivering and operating our managed services,” said Rob Trimble, President of CertiPay. “Our clients trust us to have controls in place for secure data center operations.”
Completion of the SSAE 18 Type 2 examination, which was conducted by Schellman & Company, Inc., Tampa, FL, indicates that the processes, procedures and controls have been evaluated and tested by an independent accounting and auditing firm. The SSAE 18 audit is recognized by the American Institute of Certified Public Accountants (AICPA) as an acceptable method for a user organization to obtain assurance about a service organization’s internal controls without conducting separate assessments.