SSAE 16 Compliant Data Center FAQ
Q: What standards are met by ColocationGuard?
A: Besides SOC 2 Type I, ColocationGuard is certified compliant with the Health Insurance Portability and Accountability Act as well as with standards set by the Payment Card Industry (PCI).
Q: What is SOC 2 Type I?
A: SAS70 was designed to audit controls whereas SSAE was designed to attest to the validity of systems fitness for a particular purpose. The differences are more obvious at the associated SSAE SOC level. SOC 1 is primarily designed to review financial reporting systems. SSAE SOC 2 covers operational control systems following a predefined Trust Services Principles and Criteria around security, availability, process integrity, privacy and confidentiality. SOC 3 documents relate to whether service organizations systems met the SOC 2 criteria but do not describe the tests or results achieved.
Our SSAE SOC 2 reporting assures our customers that we have adequate control systems in place to safeguard their data and information.
Q: What’s the process to be SOC 2 Type I certified?
A: The independent auditors evaluated ColocationGuard and GalaxyVisions against trust services principles established by AICPA. Specifically, these included reviews of service offerings, physical, logical and network security; risk assessment; change management. The audit covered all services offered by GalaxyVisions and ColocationGuard, including virtual private servers, dedicated servers, managed services and enterprise colocation.
Q: Who conducted the audit?
A: The audit was conducted by IS Partners LLC, a certified public accounting firm registered with the AICPA and PCAOB to ensure our data center was fully SSAE 16 compliant. IS Partners is a recognized authority for SSAE 16 and Service Organization Controls (SOC) audits and related attestation services. The firm, which is based in Horsham, Pa., serves clients in all major service industries throughout the United States, Canada, United Kingdom, Central America, India, Pakistan and Caribbean Islands. The firm’s SSAE 16 audit teams are comprised of experts in the areas of accounting, information technology, internal controls and business process auditing.