SSAE 16

SSAE 16 Compliance

 

SSAE 16 (formerly SAS 70) Type 2

The new service organization reporting standard, Statement on Standards for Attestation Engagements SSAE 16, is effective as of June 15, 2011. SSAE 16 supersedes Statement on Auditing Standards SAS 70 with the professional guidance on performing the service auditor’s examination.SSAE 16 SOC 2

Our data centers have obtained a Service Organization Controls 1 (SOC 1), Type II report. The audit for this report is conducted in accordance with the Statement on Standards for Attestation Engagements (SSAE 16) and the International Standards for Assurance Engagements 3402 (ISAE 3402) professional standards. This dual-standard report is specifically intended to meet the needs of our customers and their auditors, as they evaluate the effect of the controls on their financial statement assertions. The SOC 1 report attests that our data centers’ control objectives are appropriately designed and operating effectively.

Global Data Vault can provide these reports upon request. These reports explain the internal control descriptions and security procedures in place to assist you in meeting your compliance requirements.

SOC 2 on the Security and Availability Trust Services Principles

In addition to the SOC 1 report, our data center obtains a Service Organization Controls 2 (SOC 2), Type II report. Similar to the SOC 1 in the evaluation of controls, the SOC 2 report is an attestation report that is an evaluation of controls specific to the criteria set forth by the American Institute of Certified Public Accountants (AICPA) Trust Services Principles. The principles define leading practice controls relevant to security, availability, processing integrity, confidentiality, and privacy applicable to service organizations. SOC 2 is an evaluation of the design and operating effectiveness of controls that meet the criteria for the security and the availability principles set forth in the AICPA’s Trust Services Principles criteria.

Upon request and under NDA, this report is also available to our customers.

The Case for Office 365 Backup

In the wake of Microsoft's September 4 - September 5 South Central U. S. outage for Office 365 and Azure, it's worth asking, should you be concerned with backup of your Office 365 data? It's your data, and while Microsoft normally does a good job with protecting it,...

Counting down the worst cyber security breaches of 2018 – #4

Fitness apparel manufacturer Under Armour gave us a good example of how companies can try to protect their user’s data but often fail to fully cover everything that needs protecting. The information that was stolen from Under Armour is minor compared to some of the...

Global Data Vault’s Mid-Year Count-Down of the Worst Cybersecurity Breaches

Number 5: VPNFilter More and more, our business environments are connected to the cloud. The transmission of data and the speed to which it can be accessed is critical to business intelligence and competitive advantage. When that data becomes attractive to hackers,...