W Energy Software Successfully Completes SOC 2 Examination

W Energy Software, the emerging leader in upstream and midstream oil & gas ERP solutions announced that it has successfully completed a System and Organization Controls (SOC) 2ยฎ Type II Audit examination for their Financial and Transaction Management Software System. W Energy Software retained international business advisory firm Skoda Minotti for its SOC 2ยฎ audit work. W Energy Software selected Skoda Minotti after an intensive search based on its reputation as a leading risk advisory and compliance firm.
Ben Osbrach, CISSP, CISA, QSA, CICP, CCSFP, partner-in-charge of Skoda Minottiโs risk advisory group says, โWe were excited to continue our audit relationship with W Energy Software on the completion of their 2019 SOC 2 Type II. Michael and his team strive for improvement in their controls year over year; taking their responsibility for maintaining a well-controlled and secured environment seriously.โ
SOC 2ยฎ engagements are performed in accordance with the American Institute of Certified Public Accountantsโ (AICPA) AT-C 205, Reporting on Controls at a Service Organization and based on the trust service principles outlined in the AICPA Guide, Reporting on Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality, or Privacy. The SOC 2ยฎ Type II report is performed by an independent auditing firm and is intended to provide an understanding of the service organizationโs suitability of the design and operating effectiveness of its internal controls. A service organization may select any or all of the trust service principles applicable to its business and W Energy Software chose to report on security and availability. The successful completion of this voluntary engagement illustrates W Energy Software’s ongoing commitment to create and maintain a secure operating environment for its clientsโ confidential data.
Skoda Minottiโs testing of W Energy Software’s controls included an examination of their policies and procedures regarding network connectivity, firewall configurations, systems development life cycle, computer operations, logical access, data transmission, backup, and disaster recovery, and other critical operational areas of their business. Upon completion of the audit, Waterfield received a Service Auditorโs Report with an unqualified opinion demonstrating that their policies, procedures, and infrastructure meet or exceed the stringent SOC 2ยฎ criteria.