What Is SSAE 16 Compliancy?
SSAE SOC II provides much more stringent audit requirements than the former SAS70 compliance – with a stronger set of controls and requirements specifically designed around data center service organizations.
SSAE SOC II provides what was missing in the SAS70 – a standard benchmark by which two data center audit reports can be compared and assurances that the same set of criteria is used to evaluate each.
Why is SSAE 16 SOC II Compliance Important?
In today’s global economy, service organizations or service providers must demonstrate that they have adequate controls and safeguards when they host or process data belonging to their customers.
In addition, the requirements of Section 404 of the Sarbanes-Oxley Act of 2002 make SSAE 16 audit reports even more important to the process of reporting on the effectiveness of internal control over financial reporting. The SSAE 16 audit independently verifies the validity and functionality of a Data Center’s control activities and processes.
These control activities and processes are important to customers within the financial , healthcare, and insurance sectors, as well as to publicly traded companies who must validate the security of their financial and sensitive information controls. A yearly audit is performed to not only verify that procedures are in place and effective, but that they are maintained.