I.C. System: news 2 28 06 sas

I.C. System Completes SAS 70 Type II Audit

Unqualified report on internal controls confirms agency demonstrates standards for security of client data

St. Paul, Minn. (February 28, 2006) – I.C. System announced it has successfully completed a SAS 70 Type II audit. Developed by the American Institute of Certified Public Accountants (AICPA), a SAS (Statement on Auditing Standards) 70 audit provides an in-depth audit of internal control activities, including controls over information tech-nology and related processes. The requirements of Section 404 of the Sarbanes-Oxley Act of 2002 make a SAS 70 audit even more significant in the process of reporting on effective internal controls within service organizations.

“Accounts receivable management service providers need to demonstrate that they have adequate controls and safeguards in place when they host or process data belonging to their clients,” said Kurt Heinbigner, I.C. System’s CFO. “Our completion of a SAS 70 Type II audit demonstrates a clear commitment to this objective. It is crucial in today’s business environment that our clients know that their transactions are processed in a secure manner and quality reviewed with proper internal controls.”

I.C. System’s SAS 70 Type II audit was conducted by McGladrey & Pullen LLP. The audit required six months of rigorous testing which indicates controls are in place and properly being followed. SAS 70 Type II audits require annual testing and are more comprehensive than SAS 70 Type I audits, which are limited to reporting on an organization’s controls at one moment in time.

Additional Data Security Achievements
I.C. System assists clients in their compliance efforts concerning the Healthcare Insurance Portability and Accountability Act and the Gramm-Leach Bliley Act since the agency has:

• Completed an ISO 17799 Assessment. The assessment covers 11 major areas, including: Business Continuity Planning, System Access Control, System Development & Maintenance, and Physical & Environmental Security.

• Completed audits to be a Certified Agency through ACA’s Professional Practices Management System (PPMS) program. Certification recognizes ethically responsible and legally compliant agencies.

• Completed a Payment Card Industry (PCI) audit for companies that accept and store credit card information.

About McGladrey & Pullen LLP
McGladrey & Pullen, a partner-owned CPA firm, provides audit and attest services to midsized companies. It has 100 offices in the United States. McGladrey & Pullen helps clients with global business needs through its membership in RSM International (an affiliation of separate and independent accounting and consulting firms).

McGladrey & Pullen LLP and RSM McGladrey Inc., a business services provider, have an alternative practice structure. Though separate and independent legal entities, they work together to serve clients’ business needs. When considered together, the two companies rank as the fifth-largest provider of accounting, tax, and business consulting in the United States.