RMS-Recovery Management Services, Inc. (RMS) is pleased to announce they recently engaged KirkpatrickPrice to conduct an independent audit to evaluate RMS’ controls for SSAE 16 Type II, PCI DSS, and NIST Standards.  The KirkpatrickPrice final reports and Attestation of Compliance confirm RMS’s demonstrated ability to maintain internal controls to protect consumer data and comply with industry standards and regulations for mission-critical networks and physical environments.

A Service Organization Control (SOC 1) engagement is an audit of the internal controls which a service provider has implemented to protect client data. SOC 1 engagements are performed in accordance with the Statement on Standards for Attestation Engagements No. 16 (SSAE 16). The standard is intended to aid Service Organizations in eliminating potential errors to client information and ensure efficiency in their controls.

PCI DSS provides technical and operational requirements that are designed to protect cardholder data. These requirements were designed to decrease credit card fraud by increasing controls involved with cardholder data. PCI DSS acts as a framework for a Service Provider to develop a strong payment card data process, which includes prevention, detection, and reaction to security circumstances.

A FISMA assessment or audit is designed to determine areas of compliance and areas requiring remediation to become FISMA compliant. Kirkpatrick Price assessed RMS’s current information security practices and controls against those listed in National Institute of Standards and Technology (“NIST”) Special Publication 800-53.

“We believe compliance is a key component to our growth strategy and pride ourselves on delivering compliant recovery solutions to our clients and their consumers” said Dan Exline, COO at RMS. “When we embarked on the KirkpatrickPrice engagement we involved our entire team and a daily focus on compliance is part of our culture at RMS.”

R. Scott Radke, Vice President of RMS, says, “RMS has always operated with the highest standards of compliance. To have that supported by a prestigious firm like KirkpatrickPrice reaffirms our commitment to our clients and consumers.”

“Many months of hard work has gone into this engagement and the end result is a testament to the exceptional team of professionals we have at RMS” says Mary Mickus, President of RMS. “Our focus on ethics and compliance demonstrates RMS’s commitment to maintaining the highest standards in the industry”.

“Many of RMS’ clients rely on their systems to process or store sensitive data,” said Joseph Kirkpatrick, Managing Partner with KirkpatrickPrice. “As a result, RMS has implemented best practice controls demanded by their customers to address Information Security risks. Our third-party opinion validates these controls and the tests we perform provide assurance regarding the debt collection services RMS provides.”

About KirkpatrickPrice, LLC

KirkpatrickPrice is a licensed PCI QSA and CPA firm providing assurance services to over 300 clients in more than 40 states, Canada, Asia, and Europe. The firm has over 10 years of experience in information security and compliance assurance by performing assessments, audits, and tests that strengthen information security and compliance controls. KirkpatrickPrice most commonly provides advice on HIPAA, SSAE 16, SOC 2, PCI DSS, ISO 27001, FISMA, and CFPB frameworks. www.kirkpatrickprice.com.

About RMS-Recovery Management Services, Inc.

RMS-Recovery Management Services, Inc. is a SBA Certified Woman Owned Small Business founded in 1998.  The collection staff at RMS has a remarkably low attrition rate with an average of 6 years tenure with the company. All of our collectors go through the process of becoming an ACA-certified Professional Collection Specialist. The RMS management team has extensive experience in many collection verticals with a heavy focus on higher education and Department of Education collections. Visit RMS online at www.rmscollects.com.