Crimcheck Completes System and Organization Controls (SOC) 2® Type II

Crimcheck successfully completed a System and Organization Controls (SOC) 2® Type II examination

SOC 2 Type II Certification

Brunswick, OH  February 19, 2020 – Crimcheck, a national leading provider of background screening and drug testing services, today announced that it has successfully completed a System and Organization Controls (SOC) 2® Type II Audit examination for their Background Check  Systems. Crimcheck retained international business advisory firm Skoda Minotti for its SOC 2® audit work.

Crimcheck selected Skoda Minotti after an intensive search based on their reputation as a leading risk advisory and compliance firm.

Ben Osbrach, CISSP, CISA, QSA, CICP, CCSFP, partner-in-charge of Skoda Minotti’s risk advisory group says, “We were excited to continue our audit relationship with Crimcheck on the completion of their 2019 SOC 2 Type II.

The Crimcheck team strives for improvement in their controls year over year; taking their responsibility for maintaining a well-controlled and secured environment seriously.”

SOC 2® engagements are performed in accordance with the American Institute of Certified Public Accountants’ (AICPA) AT-C 205, Reporting on Controls at a Service Organization and based on the trust service principles outlined in the AICPA Guide, Reporting on Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality, or Privacy.

The SOC 2® Type II report is performed by an independent auditing firm and is intended to provide an understanding of the service organization’s suitability of the design and operating effectiveness of its internal controls. A service organization may select any or all of the trust service principles applicable to their business and Crimcheck chose to report on security, availability, and confidentiality.

The successful completion of this voluntary engagement illustrates Crimcheck’s ongoing commitment to create and maintain a secure operating environment for their clients’ confidential data.

Skoda Minotti’s testing of Crimcheck’s controls included examination of their policies and procedures regarding network connectivity, firewall configurations, systems development life cycle, computer operations, logical access, data transmission, backup and disaster recovery, and other critical operational areas of their business.

Upon completion of the audit, Crimcheck received a Service Auditor’s Report with an unqualified opinion demonstrating that their policies, procedures, and infrastructure meet or exceed the stringent SOC 2® criteria.

“The successful completion of our SOC 2® Type II examination audit provides Crimcheck’s clients with the assurance that the controls and safeguards we employ to protect and secure their data are in line industry standards and best practices,” said Tom Shieh, CEO. 

About – Crimcheck

Crimcheck specializes in providing their customer base with quality pre-employment screening, employment history, driving record reports, drug screening, and many other background check services. Formed in 1991, Crimcheck has helped over 12,000 companies with their pre-employment screening processes.

Crimcheck utilizes experienced investigators and customer support specialists who assemble a comprehensive background check, not a packaged criminal database, to give their clients easy results that fit company specific needs. Their solutions improve companies’ efficiency, enhance candidate experience, and accelerate time to hire.

About – Skoda Minotti

Skoda Minotti is a Certified Public Accounting Firm based in Cleveland, OH offering a variety of tax, finance, and business advisory services in virtually every area of business. The Risk Advisory practice specializes in SOC Reporting, PCI DSS Compliance, HIPAA Compliance and HITRUST validation, FISMA, NIST, ISO 27001, Vulnerability and Penetration Testing, and other regulatory information security assessments.

Staffs in Skoda Minotti’s Risk Advisory hold several industry certifications including Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Qualified Security Assessor (QSA), GIAC Penetration Tester (GPEN), and GIAC Web Application Penetration Tester (GWAPT). For more information about Skoda Minotti’s Risk Advisory Services, please visit skodaminotti.com/risk.