With an effective date of June 15, 2011, The Statement on Standards for Attestation Engagements (SSAE) No. 16 replaced the SAS 70 as the authoritative guidance for reporting on service organizations by the Auditing Standards Board of the American Institute of Certified Public Accountants (AICPA).
To ensure operational integrity and maintain necessary regulatory compliance as a service organization for our customers, DataComm has successfully completed the comprehensive SSAE 16 SOC1 Type II internal control audit.
By maintaining the SSAE16 SOC1 Type II certification, our goal, as a service provider, is to deliver the assurance to our customers and prospects that we meet or exceed an extensive list of controls in both our business and technical operations. The SSAE16 SOC1 Type II certification reduces the need for our customers to build certain controls into their IT infrastructure in order to comply with Sarbanes-Oxley 404 (SOX) and Gramm-Leach-Bliley Act (GLBA).
As part of the audit process, DataComm’s systems and processes undergo extensive evaluation and testing, including: security monitoring, change management, system development life cycles, backup controls, physical and environmental safeguards, logical as well as physical access and other criteria.
Given the substantial costs associated with non-compliance with SOX and GLBA, the SSAE16 SOC1 Type II audit compliance should be part of every organization’s checklist when evaluating third party service providers. As a fast-growing company we are proud to be able to provide our customers the assurance that comes from this auditing process. At DataComm, we remain committed to maintaining the highest compliance standards set for the industry.