How Safe is Your E-Invoicing?Posted: 02/08/2016 12:00am
The Statement on Standards for Attestation Engagements (SSAE) is a governance body that ensures that service company reporting standards mirror and comply with the international service organization reporting standard.
Cortex has been engaged in, completed and received a green report for its SSAE16 audit for the last 3 years. This report shows reasonable assurance that the controls Cortex has put in place achieve the following:
- Effectiveness and efficiency of operations
- Reliability of financial reporting
- Compliance with applicable laws and regulations
This provides our customers with the assurance that our controls have been independently audited and that our control objectives are effective and trustworthy. This post focuses specifically on control measures within our Client Enablement division and why they are important.
Authentication control of our Suppliers provides reasonable assurance that when new Suppliers are established on the Cortex Network, they are authorized by the Buyer and maintained accurately based on the information provided to Cortex. In other words, Cortex sets up new Suppliers and maintains existing Supplier information by following an established process that ensures the identity of the Supplier is correct (they are who they say they are).
Cortex achieves this in several different ways:
- We require a Buyer-specific vendor code for the Supplier set up in order to create an account for the Supplier on the Network.
- We require a signed contract between the Supplier and Cortex
- We require government issued documentation showing the Supplier's business name and address.
Our internal Client Enablement team member creates the new Supplier on the Network then validates the Supplier’s key information (name, address, key contact person, phone number and billing information) against the contract in place.
In addition to verifying company information, prior to processing any changes to an existing Supplier, this team independently contacts the authorized Supplier representative to confirm that the requested changes are valid and to obtain supporting documentation for the change. This backup documentation and the initial contracts are all stored in our CRM.
This Supplier Authentication is one of several controls to assure Buying organizations that their Supplier base is on boarded accurately and completely, eliminating any fraudulent Suppliers from joining the Cortex Network.
Published by Dave Schaw
The opinions expressed in this article are the author’s own and do not necessarily reflect those of Cortex Business Solutions.