News
Sydney, Australia January 2020 – A National Information Management Organization and a provider of innovative software solutions in Sydney, (name withheld for security reasons), today announced that it has successfully completed a System and Organization Controls (SOC) 2® Type II Audit examination for their Data Storage Document Management System.

They retained international business advisory firm Skoda Minotti for its SOC 2® audit work and international business consulting firm SAMEC for project coordination and advising. The client selected Skoda Minotti and SAMEC after an intensive search based on their reputation as a leading risk advisory and compliance firm.Ben Osbrach, CISSP, CISA, QSA, CICP, CCSFP, partner-in-charge of Skoda Minotti’s risk advisory group says, “We were excited to work with SAMEC from the very start. They are an intriguing firm delivering high quality services and their business adds to our potential for growth in the Australian region.”

Arjang Safa, Founder & Director – Compliance & Innovation, SAMEC was the main intermediary from Skoda Minotti to client. Arjang was mainly responsible for supporting the control mapping from client’s ISO 27001 to the newly implemented SOC 2®, communicating the evidence requests to client personnel, providing the necessary evidence of control implementation and operating effectiveness, coordinating meetings between client and Skoda Minotti, and documenting process improvements along the way.

SOC 2® engagements are performed in accordance with the American Institute of Certified Public Accountants’ (AICPA) AT-C 205, Reporting on Controls at a Service Organization and based on the trust service principles outlined in the AICPA Guide, Reporting on Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality, or Privacy. The SOC 2® Type II report is performed by an independent auditing firm and is intended to provide an understanding of the service organization’s suitability of the design and operating effectiveness of its internal controls. A service organization may select any or all of the trust service principles applicable to their business and the client chose to report on security, availability, processing integrity and confidentiality. The successful completion of this voluntary engagement illustrates SAMEC’s ongoing commitment to help companies achieve business growth through compliance with complex frameworks.

About – SAMEC

SAMEC Pty Ltd, is an Australian privately-own company, based in Sydney, operating in Australia and overseas for the past 17 years. Their focus is on creating efficient processes to help companies achieve business growth through compliance or high-end technology based products. SAMEC looks to partner with companies to improve and integrate their systems rather than dictate or impose. Unlike other companies, SAMEC adopts a holistic approach. Reviewing all areas of risk to minimize efficiencies and streamline operating procedures to maximize profit.

Under the directorship of Arjang Safa, SAMEC has evolved and now includes other business areas: such as Compliance & Certification, Information Technology Services and Security and Risk advisory.

Traditionally, SAMEC has helped companies develop innovative high-end technology products from prototypes to commercialization. We have developed prototypes for a range of industries including medical, energy and resources, automotive, telecommunications and consumer electronics. Our strength is in understanding the process and methodologies to deliver commercially viable and successful products.

From our experience in developing and manufacturing prototypes, we recognised a need to help companies streamline their operations and processes. SAMEC Compliance is a natural extension of our expertise and skills. ISO Certifications will give companies opportunities to compete on the world stage and expand their businesses across a variety of markets.

Director Arjang Safa is particularly skilled in operational planning, information security, manufacturing, IT, Infrastructure, business systems, business continuity and disaster recovery, and commercialization strategy for high technology and complex products. He has worked with government organizations including CSIRO and other leading companies to create pioneering technologies and products.

He is a qualified Technologies Engineer having studied at University of Technology in Sydney and with more than 20 years experience. Arjang has consulted for a number of large organization and held various managerial positions for companies including Finisar, Nanosonics, Evolution Broadcast, Lake Technology and Hypertec.

About – Skoda Minotti

Skoda Minotti is a Certified Public Accounting Firm based in Cleveland, OH offering a variety of tax, finance, and business advisory services in virtually every area of business. The Risk Advisory practice specializes in SOC Reporting, PCI DSS Compliance, HIPAA Compliance and HITRUST validation, FISMA, NIST, ISO 27001, Vulnerability and Penetration Testing, and other regulatory information security assessments. Staffs in Skoda Minotti’s Risk Advisory hold several industry certifications including Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Qualified Security Assessor (QSA), GIAC Penetration Tester (GPEN), and GIAC Web Application Penetration Tester (GWAPT). For more information about Skoda Minotti’s Risk Advisory Services, please visit skodaminotti.com/risk.