Good news - designDATA successfully completed our 2013 SOC 1-SSAE 16 type II audit (formerly known as a SAS-70 audit.) The audit covered our datacenter, operations, SysAdmin, monitoring, and IT services teams. Conducted by an independent service auditor, a SOC 1- SSAE-16 type II audit reports on the description of a service organization’s system, and the suitability of the design and operating effectiveness of the controls. The independent auditor examined our setup for processing users’ transactions, and examined how closely the design of our systems are complementing and achieving our objectives of security and controls. We provided a rigorous set of control objectives, and identified risks that threatened the realization of these security goals; then, we created a set of criteria to implement in order to achieve these goals. The independent auditor conducted this examination over the course of five months using the attestation standards established by the American Institute of Certified Public Accountants. At the end of this period, designDATA was summarily evaluated and passed without exception – which means we passed with flying colors!
Most companies of our size have not completed this type of assessment, as this type of audit is usually undertaken by larger companies. Why did we choose to undergo such a thorough evaluation? At designDATA we are committed to a standard of excellence that goes above and beyond the typical. We want our customers to know that we are dedicated to the security of their information and the performance of our controls, and that we volunteer to undergo these exacting evaluations so that they can have the highest possible confidence in their choice of designDATA’s solutions.
Completing this audit involved a lot of time and effort from all of our teams, particularly the SysAdmin and IT Architecture groups. Our success would not be possible without their enthusiasm and hard work.
Some benefits of having an SSAE 16 performed:
● Trustworthy stamp of approval
If you were to entrust a company with your data, wouldn’t you want complete assurance that it will be handled with utmost care? Rather than expecting you to take our word for it, we brought in the best to evaluate our standards.
● Ability to perform outsourcing services for public companies
Public companies are required to use a SSAE 16 qualified provider for financially significant outsourced duties, because it is the only way to give investors assurance over controls that are not performed by the company itself.
● Adding to designDATA’s valuable knowledge resources
As a service organization, we will always have questions regarding our business. Having a set of auditors in place with access to a wide array of knowledge gives us a year-round opportunity to engage in such questions with a trusted, certified group.
● Third-party assurance
Internal audit departments are good, but not always as stringent as they should be. This audit helps serve as a check on our own internal audits, as well as our entire team. A third-party evaluation provides a level of accountability and detail that can be difficult to achieve if only internal audits are performed.
● Improving performance of our organization
Just the knowledge that we are being evaluated encourages our entire staff to work together to represent our company. It is a privilege to have the opportunity to show off our hard work and commitment as a team.
View our report here.