Meeting the Industry Need for Compliance
Kevin Nincehelser, Premier One Data System’s Chief Operating Officer, recognized the technology industry’s need for cybersecurity compliance. He knew that serving on the executive team of a small business that provides software, consulting, tech support and security to clients meant he needed to lead Premier One’s effort to earn a SOC 2 report. Not only would this report provide the organization with a competitive edge, but it also communicates to clients and potential customers that Premier One takes cybersecurity and compliance seriously.
These days, major security breaches are striking organizations of all sizes across the globe. Helping to run a small business can be difficult enough without worrying if Premier One is a target for a major data breach – but Kevin knew that being prepared is a great way to differentiate from competitors. Undergoing a SOC 2 assessment demonstrates to the organization’s current and prospective customers that Premier One maintains a strong security posture that includes the implementation of controls to protect and secure confidential and personal data – building trust in the marketplace early.
Kevin had one goal- successfully complete a SOC 2 assessment before Premier One grows as an organization and the process becomes more complicated.
The reason why is simple: during the SOC 2 assessment, various departments and personnel across the organization will be required to assist in gathering the requested evidence for the audit. Going through a SOC 2 assessment while the business is small will help strengthen the controls environment and help Premier One be better prepared for future compliance assessments – no matter what size the organization grows into.
Consistent. Steller communication. Just plain great!”
Kevin NincehelserChief Operating Officer at Premier One
Finding the Right Auditing Firm
Kevin was unhappy with Premier One’s past auditing firm. He needed a firm who was experienced, fairly priced and communicated seamlessly. While attending an industry event in 2019, Kevin met Blaise Wabo, A-LIGN’s Associate Director of HITRUST, and engaged in an insightful conversation regarding industry compliance. A-LIGN submitted a proposal for Premier One’s call for bids and eventually secured Premier One’s first SOC 2 audit with A-LIGN.
“When going through the RFP process and comparing audit firms, I kept circling back to A-LIGN,” said Kevin. “Their communication was unmatched, and their professionals were incredibly knowledgeable and helpful throughout the entire comparison process.”
Earning a SOC 2 Report
As soon as Premier One partnered with A-LIGN, they immediately kicked-off the SOC 2 assessment process. “There is certainly a learning curve in the first year working with a new auditing firm,” said Kevin. “Regardless, I was impressed with A-LIGN’s communication structure across the firm. They were always quick to respond to questions and requests, had processes in place for when to communicate and what information needed to be relayed. I really appreciated receiving an agenda before every meeting and follow up information when the meeting concluded.”
With Kevin’s lead, Premier One successfully achieved a SOC 2 report. The SOC 2 assessment was a positive experience for Premier One as their internal team found a partner that not only communicated well but was consistent in every way.
As Chief Operating Officer, Kevin knows the value of process automation and saving on resources, so he was eager to utilize A-SCEND, A-LIGN’s software tool for audit automation. A-SCEND transitions audits from tactical and transactional functions, into a strategic approach to compliance by centralizing evidence collection and standardizing compliance requests making it possible to consolidate into a single annual audit.
“During our audit process, A-SCEND was extremely valuable,” said Kevin. “The software allowed me to set up multiple users in the portal and assign their areas of responsibility, ultimately de-duplicating efforts. In our second SOC 2 audit with A-LIGN, I appreciated the ability to look back on last year’s notes and uploaded evidence, saving a great deal of time.”
Kevin’s guidance, combined with A-LIGN’s expertise, drove Premier One to successfully complete several SOC 2 audits over the years, ensuring their cybersecurity compliance is always up to date. “Since 2019, we have used A-LIGN for our annual SOC 2 audits and will continue to use them year over year. In the past three years, I’ve referred a number of professional contacts to A-LIGN and they are all happy clients.”
During the COVID-19 Pandemic, auditing went remote along with the rest of the world. Kevin embraced remote audits and felt that with the use of A-SCEND, the audit model A-LIGN uses is very effective. “I really enjoy remote audits because they take up less of my team’s time, ultimately freeing up resources and costs while being equally effective as in-person audits,” said Kevin.
About Premier One Data Systems, Inc.
Premier One began serving clients in Topeka, KS in 1991. Since then, Premier One has continued to grow, adding a second office in Ohio and serving hundreds of clients across the US. The company’s services have changed and grown over the years with an ever-changing landscape of technology. Meeting the COVID-19 pandemic head-on, Premier One offers clients the latest in work-from-home technologies, continuing to meet the technical needs of all clients regardless of size. For more information, visit https://premier-one.com.
A-LIGN is a technology-enabled security and compliance partner trusted by more than 2,500 global organizations to help mitigate cybersecurity risks. A-LIGN uniquely delivers a single-provider approach as licensed SOC 1 and SOC 2 Assessor, accredited ISO 27001, ISO 27701 and ISO 22301 Certification Body, HISTRUST CSF Assessor firm, accredited FedRAMP 3PAO, candidate CMMC C3PAO, and Qualified Security Assessor Company. Working with small businesses to global enterprises, A-LIGN experts and its proprietary compliance management platform, A-SCEND, are transforming the compliance experience. For more information, visit www.A-LIGN.com.
To learn more about how A-LIGN can help your organization through a variety of cybersecurity compliance assessments and audits, please visit https://a-lign.com/compliance/ or complete this form and an A-LIGN expert will reach out to you within 24 hours.