The successful completion of a SAS 70 Type II audit for certification was essential and It’s testimony to the fact that we have the necessary procedures in place to fully secure and protect clients’ online data assets within our corporate data center facilities.
Over the last several years, industry regulatory developments have started to focus the spotlight on corporate accountability. Many corporations are now closely reviewing and seeking to validate the controls over every item that can affect their financial statements, including the controls in place at outsource service providers (OSP.) As a result, companies looking to outsource their IT infrastructure must consider whether to have the company’s auditor conduct a separate audit of the potential provider, or to select a provider that has already completed a recognized audit and validation process.
The necessary review of a provider is a long and arduous task, not to mention very costly. A number of regulatory provisions require that company management take responsibility the company’s financial reporting, as well as the external controls. Therefore, it is of the utmost importance that the company has a high degree of confidence in their provider’s internal controls. However, many companies find that attaining this high degree of confidence can be a time-consuming, expensive, and risky undertaking.
Fortunately, Statement on Auditing Standards No. 70 (”SAS 70″), an internationally recognized auditing standard developed by the American Institute of Certified Public Accountants (AICPA). This compliance reports on the controls and internal processes provided by service organizations. This standard is extremely valuable in ensuring proper controls with respect to governance issues, and must factor into the selection of any provider for Managed Services. A SAS 70 review can validate the accuracy and integrity of a managed services provider’s operations to satisfy today’s rigorous reporting requirements, helping a corporation minimize the costs and risks of its own separate review. If the service provider has not gone through a SAS 70 examination, the company faces increased costs and potential risks in using that provider. Increased costs include the added expense of paying the company’s auditors to examine the service organization’s controls, as well as the possibility of weak internal controls, potentially leading to service failures.
SAS 70 certification is a very important standard for hosting providers with respect to its compliance activities. Hosted Solutions has received a qualified, Type II SAS 70 certification, demonstrating our commitment to meeting our partner’s needs. To Hosted Solutions ultimately, a SAS 70 examination reflects a global and integrated service solution. It ultimately proves our true commitment and ability to take to meet these high standards, and to exceed your proactive control over our processes. The certification differentiates a service provider from its peers by demonstrating the establishment of effectively designed control objectives and control activities. This creates a strong sense of trust and offers peace of mind to our clients. We believe that our Type II SAS70 certification stands out among other managed service providers, and reflects our leadership, commitment, and excellence. This certification confirms that Hosted Solutions has internal controls that are suitably designed and operating effectively to administer your mission critical applications.
The SAS 70 audit independently verifies the validity and functionality of a data center’s control activities and processes. These control activities and processes are important to customers within the financial, healthcare, and insurance sectors, as well as to publicly traded companies who must validate the security of their financial and sensitive information controls. A yearly audit is performed to not only verify that procedures are in place and effective, but that they are maintained.
ZNetIndia.com Data Center is able to provide our clients with documentation of the SAS 70 Type II Certification, which will save you time and money and help you, reach PCI Compliance Standards as well.
Benefits to You (User Organization)
User organizations that obtain a Service Auditor’s Report from their service organization(s) receive valuable information regarding the service organization’s controls and the effectiveness of those controls. The user organization receives a detailed description of the service organization’s controls and an independent assessment of whether the controls were placed in operation, suitably designed, and operating effectively (in the case of a Type II report).
User organizations should provide a Service Auditor’s Report to their auditors. This will greatly assist the user auditor in planning the audit of the user organization’s financial statements. Without a Service Auditor’s Report, the user organization would likely have to incur additional costs in sending their auditors to the service organization to perform their procedures.
ZNetIndia.com Managed Hosting Provider providing state-of-the-art data centre locations is happy to have certified, with the highest available standards for measuring and improving data center operations and management.