Last year, designDATA was thrilled to tell you that we had completed our first SOC-1 SSAE-16 Type II audit (formerly known as SAS-70 audits.) This year, we are thrilled to tell you that we have successfully completed our renewal for 2014! As a result of continued dedication to excellence, we have passed our audit renewal with flying colors. The audit covered our data center, operations, SysAdmin, monitoring, and IT services teams. Completing this audit involved a lot of time and effort from all of our teams, particularly the SysAdmin and IT Architecture groups. Our success would not be possible without their enthusiasm and hard work.
Want to learn more about the team members behind designDATA's accomplishments? Get to know the Face of IT: this month, we're featuring a full interview designDATA Director of Project Management, Steve Cohen. Steve was instrumental in the completion of our SOC audit (thanks, Steve!) You can find Steve's interview here.
Conducted by an independent service auditor, a SOC-1 SSAE-16 type II audit reports on the description of a service organization’s system, and the suitability of the design and operating effectiveness of the controls. In both our 2013 audit and 2014 audit, an independent auditor examined our setup for processing users’ transactions, and examined how closely the design of our systems are complementing and achieving our objectives of security and controls. We provided a rigorous set of control objectives, and identified risks that threatened the realization of these security goals; then, we created a set of criteria to implement in order to achieve these goals. The independent auditor conducted this examination using the attestation standards established by the American Institute of Certified Public Accountants. At the end of this period, designDATA was summarily evaluated and passed without exception.
Most companies like designDATA have not completed this type of assessment, as this type of audit is usually undertaken by larger companies. Why did we choose to undergo such a thorough evaluation? At designDATA we are committed to a standard of service that goes above and beyond the typical. We want our customers to know that we are dedicated to the security of their information and the performance of our controls, and that we volunteer to undergo these exacting evaluations so that they can have the highest possible confidence in their choice of designDATA as a partner.
Some benefits of having an SSAE 16 performed:
● Trustworthy stamp of approval
If you were to entrust a company with your data, wouldn’t you want complete assurance that it will be handled with utmost care? Rather than expecting you to take our word for it, we brought in the best to evaluate our standards.
● Ability to perform outsourcing services for public companies
Public companies are required to use an SSAE 16 qualified provider for financially significant outsourced duties, because it is the only way to give investors assurance over controls that are not performed by the company itself.
● Adding to designDATA’s valuable knowledge resources
As a service organization, we will always have questions regarding our business. Having a set of auditors in place with access to a wide array of knowledge gives us a year-round opportunity to engage in such questions with a trusted, certified group.
● Third-party assurance
Internal audit departments are good, but not always as stringent as they should be. This audit helps serve as a check on our own internal audits, as well as our entire team. A third-party evaluation provides a level of accountability and detail that can be difficult to achieve if only internal audits are performed.
● Improving performance of our organization
Just the knowledge that we are being evaluated encourages our entire staff to work together to represent our company. It is a privilege to have the opportunity to show off our hard work and commitment as a team.
You can access a copy of our audit here.