NDB. Your data center regulatory compliance auditors for North America.
Atlanta, GA (PRWEB) July 03, 2013
Data Centers are being hit hard with regulatory compliance mandates - specifically that of SSAE 16 Type II compliance. It’s important to gain a strong understanding of what constitutes an acceptable audit scope for such facilities, so take note of the comprehensive SSAE 16 Type II data center compliance checklist - and other critical information - from NDB Accountants & Consultants.
1. SOC 1 vs. SOC 2. The raging debate for SSAE 16 Type II data center compliance is that of choosing between SOC 1 SSAE 16 or SOC 2 AT 101 (and even possibly SOC 3). All three (3) reporting options have numerous upsides regarding data center regulatory compliance reporting - with many facilities actually performing both SOC 1 and SOC 2 assessments.
2. Minimum Baseline General Controls. Data centers should strive at all time to include what’s generally regarded as baseline minimum control objectives for purposes of scoping and testing for SSAE 16 Type II data compliance.
3. Managed Services Scoping and Control Considerations. If offering managed services, then numerous other scope and testing considerations are to be identified and discussed.
4. SOC 1 SSAE 16 – An adaptable and “flexible” reporting option.
5. SOC 2 AT 101 – “Prescriptive” in nature.
6. Audit Efficiencies - Combing the “Big Three” for data center compliance (SOC reports, PCI, and HIPAA compliance) is a must for curtailing costs and operational man-hours.
Call and speak with the North American data center compliance experts today at NDB by contacting Christopher Nickell, CPA, at 1-800-277-5415, ext. 706, or emailing him directly at cnickell(at)ndbcpa(dot)com.