SSAE 16 Compliance, SSAE 16 Audits Differentiate AIS
Not All SSAE 16 Compliance Levels Are Equal
AIS has successfully completed the stringent SSAE 16 SOC 1, 2, and 3 audits, enabling potential clients to have an even higher level of assurance that AIS has the appropriate controls in place to safeguard their data, equipment, and connectivity.
SSAE 16 (Statement on Standards for Attestation Engagements #16) replaces the old SAS 70 type of audit which had been around since the early 1990s.
The goal of the SOC 1, 2, and 3 audits was to provide assurance (via report) that controls asserted actually exist and are functioning properly.
The AIS controls matrix covers all aspects of the business including:
- Service Delivery
- Solutions Design
- Computer Operations
- Logical and Physical Security
- Change Management
- Incident Management
- Disaster Recovery Planning
- Business Continuity Planning
A key requirement of an SSAE 16 audit is an attestation engagement in which AIS management provides to the auditor a written assertion regarding the controls designs, objectives, and implementation.
The auditor, in turn, verifies the proper controls are in place and that they are functioning properly for the length of the sampling period through an SSAE 16 report.
Good news: for each of our San Diego and Phoenix data centers, AIS has successfully completed:
- SOC 1 Type II (SSAE 16 and ISAE 3402)
- SOC 2 Type II
- SOC 3 Type II
Learn More about the AIS SOC 1, 2, and 3 Reports