SSAE No. 16 SOC I Certified
The new service organization reporting standard, Statement on Standards for Attestation Engagements (SSAE) No. 16, became effective June 15, 2011. SSAE 16 supersedes the Statement on Auditing Standards (SAS) No. 70 with the professional guidance on performing the service auditor's examination. Codero, having previously received the SAS 70 Type II certification is considered SSAE No. 16 SOC 1 certified as of August 1, 2011 continuting through July 31, 2012. Developed by the AICPA (American Institute of Certified Public Accountants), SSAE serves to assess a service organization's internal controls and operations which impact the control environment of their customers.
SAS 70 Type II Certified
As mentioned above Codero had been SAS 70 certified since 2010. We received that certification after a detailed assessment of internal controls during the first review that was completed for Type I Certification in February, 2010. In continued commitment we received a second review for our SAS 70 Type II certification which was completed September, 2010.
Mobile commerce companies are looking for Type II standards for their hosting solutions without the capital expenditures and operational expense of collocation. We chose Codero because of their rigorous business process standards and because they can offer us PCI compliant infrastructure management for a fraction of the cost of owning our own equipment and data center.
- Arish Ali
- Skava
Areas Reviewed for Controls & Objectives
- Operations and control environment
- Monitoring and risk assessment
- Information systems and general computer controls
- Control of access to computer programs and security of data
- Control of new development and changes to existing programs and systems
- User responsibilities
Download SSAE No. 16 SOC I Overview Download Auditor Letter Of Opinion
