SIS Recognized as a SOC 2(SM) Provider

CPA Firm Issues SOC 2(SM) Type II Report on Controls Over Managed Solution Center at SIS

Jul 22, 2015, 14:00 ET from SIS

LEXINGTON, Ky., July 22, 2015 /PRNewswire/ -- SIS, a leading technology solutions and cloud provider, today announced that the company has undergone a Service Organization Control 2SM Type II examination for the Trust Services Principles, Security and Availability, resulting in a CPA's  report stating that management of SIS maintained effective controls over their Managed Solution Center (MSC). The engagement was performed by Coalfire.

A SOC 2SM report is designed to meet the needs of existing or potential customers who need assurance about the effectiveness of controls at a service organization that are relevant to the security, availability, or processing integrity of the system used by the service organization to process customers' information, or the confidentiality or privacy of that information.

"Protecting our customer data is of paramount importance to SIS. We are pleased that our SOC 2SM report has shown that we have the appropriate controls, including no deficiencies, in place to mitigate risks related to our MSC customers," said Steve Sigg, SIS CEO. "I would also like to recognize the efforts of Kelley Ealy, SIS CISO, for the leadership she has shown in achieving this level of security control. She did an outstanding job with this project."

The following principles and related criteria have been developed by the American Institute of CPAs (AICPA) and the Canadian Institute of Chartered Accountants (CICA) for use by practitioners in the performance of trust services engagements:

  • Security. The system is protected against unauthorized access (both physical and logical).
  • Availability. The system is available for operation and use as committed or agreed.
  • Processing integrity. System processing is complete, accurate, timely and authorized.
  • Confidentiality. Information designated as confidential is protected as committed or agreed.
  • Privacy. Personal information is collected, used, retained, disclosed and destroyed in conformity with the commitments in the entity's privacy notice and with criteria set forth in generally accepted privacy principles issued by the AICPA and CICA.

A SOC 2SM report is an internal control report on the services provided by a service organization to its customers and provides valuable information that existing and potential customers of the service organization need to assess and address the risks associated with an outsourced service.

About SIS
SIS is a total technology solutions provider serving more than 1,300 customers nationwide. Partnered with leading IT vendors, SIS delivers hardware and software solutions, technical expertise, consulting services and data center solutions. The company's Managed Solution Center is a state-of-the-art Tier 3 data center facility that provides comprehensive hosting and cloud offerings, including virtualization, business continuity, storage management and support as well as systems monitoring and management. Founded in 1982, SIS is headquartered in Lexington, KY and has regional offices in Kentucky, Indiana, Michigan, Ohio, and West Virginia. For more information call 800-337-6914, or visit

PR Contact:
Patrick Cashman, SIS, 859.977.4793,