ARLINGTON, Va., Oct. 12, 2022 /PRNewswire/ — Ostendio, Inc., a leading provider of integrated security and risk management solutions, announced its standing as the first and currently only SaaS platform to be a licensed partner with the American Institute of CPAs under their new platform licensing model. The AICPA is the national professional organization of Certified Public Accountants in the United States, with more than 428,000 members in 130 countries. The increasing awareness of the importance of IT security at third parties has led to a significant increase (almost 50%) in the demand for SOC 2® engagements conducted by CPAs.
A SOC 1®, SOC 2®, or SOC 3® engagement may only be performed by an independent CPA firm. However, over the past couple of years a number of new security platform companies have emerged claiming to offer quick, cheap, automated SOC audits, and as a result, diminished the value of the SOC2 process. The AICPA has responded to this by introducing a new licensing model that prohibits platform organizations from making misleading statements regarding the time it will take or fees charged for an engagement to be performed as those must be independently set by third-party CPAs.
“Ostendio was chosen as the first licensed partner because we already operate within AICPA’s ethical parameters,” said Grant Elliott, chairman and CEO, Ostendio. “Working with a licensed AICPA partner like Ostendio means clients preparing for a SOC audit can trust the information and timelines we provide them, positioning them to successfully navigate the SOC audit process with no surprises.”
Ostendio partners with a number of reputable third-party auditors authorized to conduct SOC audits, all of whom contract with our clients independently. This ensures there is never a conflict of interest between our preparation of the client for the audit, and the audit itself.
Ostendio also recently announced that it is the first SaaS company to be a HITRUST Readiness Licensee. Clients preparing for a HITRUST assessment can build their data security program and prepare for the assessment using a combination of the Ostendio platform and the HITRUST MyCSF platform.
The Ostendio platform enables auditors and clients to collaborate on real-time evidence within a single, secure integrated risk management platform. Unlike industry-standard methods of conducting complex audits using disparate and siloed shared drives and spreadsheets, the Ostendio platform provides access to evidence and documents that are always available, easy to update, and optimized for collaboration.
The Ostendio Trust Network™ connects organizations with third-party vendors to help them safely share security information and manage and mitigate risk across the extended enterprise. Ostendio Trust Network members can invite vendors to complete custom risk assessments and share information quickly and in real-time. This allows vendors to demonstrate compliance to their customers and auditors, easing sales processes and reducing compliance burdens. Companies can mandate that vendors share their compliance information directly with them via the Ostendio platform, dramatically reducing the risk of vendor-related data breaches.
Ostendio is the only integrated security and risk management platform that leverages the strength of your greatest asset. Your people. Ostendio delivers an easy-to-use, cost-effective platform that allows you to assess risk, create and manage critical policies and procedures, empower your people to be secure with security awareness training, and monitor continuous compliance across 150+ security frameworks. With deep customization, advanced intelligence, and flexible controls, you’re always audit-ready, always secure, and always able to take on what’s next.