AICPA SOC Service Organizations - Certrec

Certrec Announces Successful Completion of Type 2 SOC 2 Examination

Independent CPA firm confirms Certrec’s successful completion of a Type 2 SOC 2 Examination with a scope of Document Management and Regulatory Services.

Fort Worth, TX (PRWEB) August 14, 2017 — Certrec Corporation, a leading licensing and regulatory compliance provider for NRC and NERC compliance, announced today it has successfully completed a Type 2 SOC 2 examination. 

SOC 2 reports are attestation reports that opine on controls at a service organization relevant to the security, availability, or processing integrity of a system (security, availability, and/or processing integrity principles) or the confidentiality or privacy of the information processed for the user entities (confidentiality or privacy principles). Of the five Trust Services principles, Certrec was examined against the following principles for the review period of July 1, 2016, to June 30, 2017: 

Security – The system is protected against unauthorized access, use, or modification.

Availability – The system is available for operation and use as committed or agreed. 

Confidentiality – Information designated as confidential is protected as committed or agreed. 

By engaging an independent CPA to examine and report on a service organization’s controls, service organizations can respond to meet the needs of their user entities and obtain an objective evaluation of the effectiveness of controls that address operations and compliance. 

“We take threats to the availability, security, and confidentiality of our clients’ information seriously,” says Ted Enos, President of Certrec. “We lead our Industries in Data Protection and Security by investing in third party examinations and certifications of our compliance to the most stringent standards and controls,” says Enos. 

Cyber security threats are becoming more prevalent in the industries we support. Our organization is committed to maintaining or exceeding our current levels of service and thus performing the Type 2 SOC 2 examination each year in the future. 

“Our clients are assured that our web-based tools, information storage solutions, and physical security are protected by comprehensive information security controls, risk management practices, and the prevention of IT architecture security risks,” says Enos.  

About Certrec:
Certrec is a leading provider of regulatory compliance solutions for the energy industry with the mission of helping ensure a stable, reliable, bulk electric supply. Since 1988, Certrec’s SaaS applications and consulting know-how have helped hundreds of power-generating facilities manage their regulatory compliance and reduce their risks.

Certrec’s engineers and business teams bring a cumulative 1,500 years of working experience in regulatory areas of compliance, engineering, and operations, including nuclear, fossil, solar, wind facilities, and other Registered Entities generation and transmission.

Certrec has helped more than 120 generating facilities establish and maintain NERC Compliance Programs. We manage the entire NERC compliance program for 60+ registered entities in the US and Canada that trust us to decrease their regulatory and reputational risk. Certrec is ISO/IEC 27001:2022 certified and has successfully completed annual SOC 2 Type 2 examinations.

For press and media inquiries, please contact