NetStandard Inc. Adopts New SSAE 16 Audit Standards Ahead of June 15th Compliance Deadline

Share Article

New IT service audit ensures the highest levels of security, processing integrity and privacy for banking, healthcare and other clients to meet new government and industry regulations

“We believe in staying ahead of requirements to provide our clients with the latest available technology and security,” said John Leek, chief technology officer at NetStandard.

More than a month ahead of the June 15th compliance and regulatory deadline, NetStandard Inc. today announced it has successfully completed their first SSAE 16 (Statement on Standards for Attestation Engagements No. 16) audit standard.

“The SSAE16 is very significant for our service clients because it will simplify their future audits performed by organizations including FDIC, OCC, OTS or 3rd party audits that need to meet PCI, SEC or HIPAA requirements,” said John Leek, chief technology officer at NetStandard, the largest technology company and data center headquartered in Kansas City, Kan. – home to Google’s recently announced “superfast” fiber optic network initiative by 2012.

The New SSAE 16 Auditing Standard
Kirkpatrick Price, Inc. performed the examination for NetStandard Inc. in accordance with new standards established by the American Institute of Certified Public Accountants (AICPA). SSAE 16 effectively replaces the Statement on Auditing Standards No. 70 (SAS 70) as the primary standard for reporting on controls at service organizations to keep pace with the growing changes in regulatory compliance.

NetStandard adopted the new SSAE 16 standard ahead of the June 15, 2011 required implementation deadline to most effectively prepare its clients — particularly its financial and healthcare clients — who rely on the highest levels of safe and secure IT services.

“By completing this rigorous third party audit before the deadline, NetStandard clients can be assured that we have the highest standards of controls, processes and procedures in place and can safely and securely manage their IT and data needs,” said Leek.

NetStandard is one of the earliest data centers to complete the audit demonstrating compliance with SSAE 16 requirements. “NetStandard is among a select group of service providers that have elected to aggressively pursue the SSAE 16 audit ahead of the June implementation deadline,” said Joseph Kirkpatrick, senior partner with Kirkpatrick Price. “Completion of this audit offers a significant advantage to clients who must meet the new standard by ensuring their managed IT and data service provider has already successful completed the audit.”

In April 2010, the AICPA published the new SSAE 16 attestation standard with a deadline of June 15, 2011 for all service organizations to meet the new regulations.

“We believe in staying ahead of requirements to provide our clients with the latest available technology and security,” Leek said. “This SSAE 16 designation ensures our clients are in line with international standards. We saw no reason to delay this benefit to our clients.”

Demonstrating New Levels of Reliability and Trust
Cloud computing and outsourcing have grown tremendously in the business world. As more banks, healthcare providers and other industries outsource essential business functions, regulatory focus on internal controls of service providers has demanded new standards.

SSAE 16 addresses the need for detailed information on controls related to matters beyond financial controls, such as security and privacy. SSAE 16 supersedes the previous standard, SAS 70, which was not designed to test non-financial controls. Within the framework of the new standard, the AICPA established Service Organization Control (SOC) Reports to address the new business environment and help service providers demonstrate reliability and trust to current and potential clients.

Specifically, NetStandard has completed the SSAE 16, Service Organization Controls (SOC) Report-Type 2 audit that tests and reports on controls relevant to five key system attributes:

  • Security — The system is protected against unauthorized access (both physical and logical).
  • Availability — The system is available for operations and used as committed or agreed.
  • Processing Integrity — System processing is complete, accurate, timely and authorized.
  • Confidentiality — Information designated as confidential is protected as committed and agreed.
  • Privacy — Personal information is collected, used, retained, disclosed and disposed of in conformity with the customer’s privacy needs.

The SSAE 16 audit report provides a detailed description of a service organization’s systems, tests performed and results. The new IT service audit is particularly important for hosted/cloud and Software-as-a-Service (SaaS) providers like NetStandard who offer virtualized computing services to clients with the highest level of safety, security and privacy standards.

SSAE 16 differs from its predecessor by requiring management to write its own assessment of controls that are confirmed by a third-party auditor by performing testing procedures. The new standard includes an "attest" function and aligns with the requirements of the current international standard, ISAE 3402. More information on the SSAE 16 audit standard is available at

About NetStandard, Inc.
NetStandard Inc., established in 1996, is a leading information technology business and data center headquartered at 2000 Merriam Lane in Kansas City, Kansas. NetStandard delivers IT managed services, scalable secure data center services and hosted/cloud computing services through a nationwide reseller network to small and mid-size businesses. For more information, visit


Share article on social media or email:

View article via:

Pdf Print

Contact Author

Terri Sallaz
Visit website