|SAS 70 reports only on controls related to financial reporting. If you need assurance of controls directly related to data centers, including privacy, security and availability, you should look for a SOC 2 report. SAS 70 was replaced by SSAE 16 in June 2011.|
SAS 70 (Statement on Auditing Standard) was the original internationally recognized standard reporting on data center operational processes and practices, but has since been replaced by SSAE 16 (Statement on Standards for Attestation Engagements) by the AICPA (American Institute of CPAs). As of June 2011, SOC (Service Organization Control) reports are the most current way to judge a data center’s operational excellence.
There are two kinds of SAS 70 reports:
- Type I - Reports on operational controls
- Type II - Reports on how effective these controls are over a specified period of time (six months)
Here’s what you need to know about SAS 70 Hosting and Online Tech:
- Online Tech is SAS 70 Type II certified by an independent auditor.
- What does that mean? We implement a tested, consistent set of processes and security procedures to manage your applications daily.
- Not only do we follow best practices, we also want your data and servers to follow HIPAA compliant hosting, SOX compliant hosting and PCI compliant hosting standards.
- All of Online Tech’s Midwest data centers are SAS 70 Type II & SSAE 16 audited.
- We maintain our SAS 70 audit each and every year to stay up-to-date on operational excellence and provide your company with a safe, secure and quality hosting solution.
While SAS 70 is being replaced by SSAE 16 and SOC reports, it is still referenced as an indicator of data center standards.