Host with peace of Mind:
Codero is SSAE 16 SOC I Certified (SAS 70)
Codero has been SAS 70 certified since 2010, and now is certified under the new SSAE 16 standard
SSAE No.16 (Statement on Standards for Attestation Engagements) has replaced the Statement on Auditing Standards No. 70 (SAS 70) as the primary standard for reporting on controls at service organizations like Codero. It is an attestation standard issued by the American Institute of Certified Public Accountants (AICPA). Developed by the AICPA, SSAE serves to assess a service organization's internal controls and operations which impact the control environment of their customers. SSAE 16 addresses engagements conducted by service auditors on service organizations for purposes of reporting on the design of controls and their operating effectiveness.
The new service organization reporting standard, Statement on Standards for Attestation Engagements (SSAE) No. 16, became effective June 15, 2011. SSAE 16 supersedes the Statement on Auditing Standards (SAS) No. 70. Codero, having previously received the SAS 70 Type II certification is now SSAE No. 16 SOC 1 certified as of August 1, 2011. These external certifications are performed yearly; however, Team Codero lives by their principles daily.
SAS 70 Type II Certified
As mentioned above, we are proud of the fact that Codero had been continuously SAS 70 certified since February of 2010. There are two types of SAS 70 auditor reports, Type I & Type II.
- Type I audits focus on the validity of the controls in operation at the service organization to ensure they complete the specified control objectives.
- Type II audits focus on the Type 1 controls that are in place as well as how they are executed over a specific period of time.
Codero completed the SAS 70 Type II audit, and received certification for it.
Areas that Codero was Reviewed to obtain the SSAE 16 SOC I & SAS 70 Type II certifications
- Control of access to computer programs and security of data
- Control of new development and changes to existing programs and systems
- Information systems and general computer controls
- User responsibilities
- Operations and control environment
- Monitoring and risk assessment