SSAE 16 Compliance Information

When it comes to selecting a data center, colocation provider or outsourced IT provider, the SSAE 16 audit provides customers the peace of mind to know the appropriate internal controls are in place and being monitored. Replacing the SAS 70 audit standard, the Statement on Standards for Attestation Engagements (SSAE) No. 16 is issued by the American Institute of Certified Public Accountants (AICPA).

Compared to the SAS 70 audit, the SSAE 16 was created to be a more comprehensive and in-depth. The audit includes a full description of systems, technical design, operational process and safety controls for our data center and cloud services. Datotel has successfully completed the SAS 70 process annually since 2006 and has completed the process of obtaining the updated standards of SSAE 16. This third-party audit of Datotel demonstrates the commitment we have made to provide the highest level of standards for our client’s compliance and security so we can safely manage your IT needs.

Why is the SSAE 16 Audit Important?
Colocation and Infrastructure as a Service (IaaS) providers that host systems that support their clients’ financial reporting are responsible for certain controls over those systems, such as physical and environmental security. Some example industries include:

  • Payroll Processing
  • Loan Servicing
  • Data Center/Co-Location/Network Monitoring Services
  • Software as a Service (SaaS)
  • Medical Claims Processors

Because no company wants to individually audit every partner, the SSAE 16 audit becomes a necessity. The SSAE 16 audit is designed to streamline the auditing and reporting processes. By completing the SSAE 16 assessment, Datotel can provide our third-party auditor’s report to our clients upon request. Because the report is reviewed, evaluated and approved by an independent auditor, you can rely on the quality of our internal controls without having to validate them independently.

  • The Datotel Risk Assessment Methodology:

    Risk assessments come in many forms, but the underlying purpose is to identify and document known risks to a given process or system and identify the consequences if that risk were to occur. With the risks both identified and quantified, … Continue reading

    ...more
  • Admin Terms of Use Contact Us