SSAE16 Compliant Hosting

SSAE16 Compliant Hosting
Logicworks is SSAE16 and SAS70 Type II certified and offers fully compliant hosting and cloud solutions allowing our clients (financial or otherwise) to fulfill the requirements of SSAE16 internal audits as well as SAS70 Type II audits. Logicworks undergoes an annual audit with Rothstein Kass to test defined controls and procedures throughout our Network Operations Center and Data Centers. While "SAS 70" has been the dominant in-depth audit of a third-party service organizations over the last many years, the original Statement on Auditing Standards (SAS) No. 70 is actually one of many periodic statements issued by the Auditing Standards Board of the American Institute of Certified Public Accountants (AICPA). These statements generally involve the modification of existing auditing standards or the introduction of new auditing standards. With the passage of the Sarbanes-Oxley Act of 2002, the Public Company Accounting Oversight Board (PCAOB) will also issue auditing standards for public companies (i.e., registrants of the SEC) on a go-forward basis.

Statement on Standards for Attestation Engagements (SSAE) 16 was created to update the US service organization reporting standard so it complies with the new international service organization reporting standard – ISAE 3402.

For service organizations that currently have a SAS 70 service auditor’s examination (“SAS 70 audit”) performed, some changes will be required to effectively reporting under the new SSAE16 standard.

THE SSAE16 Type II COMPLIANT Foundations

All of Logicworks’ operations, data centers and cloud infrastructure architectures are governed and constructed by SSAE16 compliance protocols.

We work with our customers to provide seamless and fully considered protocols for SSAE16 Type II compliance procedures, including:

Who should consider?

  • Firms that have been received requests from their clients to provide a Type II Report
  • Firms that want to eliminate the amount of non-billable hours to assist the customer’s request to test related controls
  • Firms that need to respond to Due Diligence Questionnaires

What does it entail?

  • Test control activities
  • Perform walk-through of related processes
  • Identify and control design deficiencies
  • Provide a Type II report
  • All SSAE16 Type II reports address internal controls over financial reporting, including information systems as they relate to financial statement assertions
  • System description
  • Control objectives specified by management
  • Risk identification
  • Controls that address risks
  • Basis for assertion
  • Management’s assertion
  • Service auditor’s report

Logicworks’ compliance audit extends to our customers providing the following benefits:

  • Reduces cost of engaging outside auditors.
  • Identifies control gaps within the control environment and baseline against best practices.
  • Helps mitigate or eliminate multiple request from prospective clients, clients and their auditors.
  • Utilizes SOC reporting as a product differentiator from the competition.
  • Assists in investor or client due diligence and selection process.
  • Mitigates reputational risk via defined and tested controls and procedures.
  • Improves operational efficiency and risk management.
  • Increases transparency via third party evaluation