Data Security You Can Trust.
We've Got You Covered.

Your company and customers should not have to wonder if their personal and confidential data is secure. Most print and mail services just say they're secure, but many times they're not as secure as you think.

At Corporate Outsource Solutions, whether your data is in print or electronic form, our data storage, processing equipment, and strict adherence to the highest level of security and privacy compliance means your data is protected at all times.

• Fully HIPPA, FDIC, FISAP, and SAS 70 compliant
  
• SFTP file transfer and storage methods
• Enforced restricted access areas and processes
  
• All duplicate or unused documents are shredded
  
• Every single printed document is accounted for at all times
• Keycard access locks between high security rooms

"I've used COS' services and it's a highly confidential environment. That's very important to most businesses, including ours. Being able to trust them to handle our projects has meant we don't have to worry."—Javan Shull, Owner, Treasure Valley Coffee of Central Oregon

Any time you outsource to another company, it's wise to establish a rigorous and reliable approach to evaluating their outsourcing risks. That's why Corporate Outsource Solutions is part of the Shared Assessments Program.

The Shared Assessments Program is program provides an industry sanctioned, cost effective approach to understanding supplier controls. It also reflects ongoing industry collaboration to establish 'best practices' for evaluating and reporting risk from third-party processors and documents control stance in a consistent, reliable, re-usable format: one that is proven to be acceptable by clients of outsourcers.

The Shared Assessments Program documents are aligned with ISO 27002:2005, PCI DSS and COBIT, as well as FFIEC Guidance. Twelve areas of information security management provide the foundation for two complementary program tools. These tools are designed to document the service provider's management of information security controls.

By focusing on principal information services control areas and following this program, Corporate Outsource Solutions has proven to be an excellent managed risk outsourcing company.


Agreed Upon Procedures (AUP)
Corporate Outsource Solutions is audited by an on-site assessment tool that was developed by Shared Assessments program members including the largest Financial Institutions and Service Providers in the US. The AUP was reviewed by the Big 4 accounting firms acting as Technical Advisers It provides objective and consistent procedures that can be performed under each control area during the onsite assessment. Procedures address control objectives in:

• risk management
• information security policy
• organization of information security
• asset management
• human resources security
• physical and environmental security
• communications and operations management
• access control
• information systems acquisition
• development and maintenance
• information security incident management
• business continuity management
• compliance

The procedures allow client organizations to view results in the context of industry risk management. The AUP is completed by either an assessment firm or an audit firm and the results are provided to the Service Provider. The Service Provider can then share the reports with clients.

Call us today at 866.348.9791 to find out more or request a quote.

Rest assured that your data is under the highest possible security at all times, checked and cross-checked for location and integrity, and guarded
by our strict certified security standards.

“Corporate Outsource Solutions has successfully completed the Shared Assessment program. This best practice
in industry guidelines assures the
protection of systems and data in Service Provider organizations.

Corporate Outsource Solutions is the first mailhouse to have an independent auditor issue the Agreed-Upon-Procedures Shared Assessment Report. Taking this step
confirms Corporate Outsource Solutions’ goal to meet and exceed client expectations in regard to data security.”
--Joseph Kirkpatrick, RavenEye Certified Information System Auditors”