SSAE 16 is an acronym for the American Institute of Certified Public Accountants (AICPA) Statement on Standards for Attestation Engagements (SSAE) No. 16 titled Reporting on Controls at a Service Organization (SOC 1). The SSAE 16 attestation standard defines the professional standards used by a service auditor to assess the controls of a service organization relevant to its end users’ controls over financial reporting.
In order to complete the examination, BroadRiver management developed control objectives for the significant areas of internal control that support the data center services system. The control objectives in the 2012 report addressed each of the following areas:
• Physical Security
• Environmental Security
• Network Security
• Management and Support
• System Maintenance
BroadRiver’s service auditor performed extensive testing of the control activities that have been implemented by BroadRiver to help ensure that our control objectives are met. The service auditor’s testing allowed the service auditor to opine on whether, in all material respects, based on criteria described in the BroadRiver’s assertion
• The description fairly presents the data center services that was designed and implemented throughout the specified examination period;
• The controls related to the control objectives stated in the description were suitably designed to provide reasonable assurance that those control objectives would be achieved if the controls operated effectively throughout the specified examination period and user entities applied the complementary user entity controls, if any, contemplated in the design of the BroadRiver’s controls throughout the specified examination period; and
• The controls tested operated effectively throughout the specified examination period.
Following this rigorous examination, the auditing firm was able to issue an unqualified opinion regarding each of the areas described above.
BroadRiver management recognizes that Sarbanes-Oxley legislation has placed an increased focus on the internal controls of valued business partners. The SOC 1 (SSAE 16) report is designed to provide clients with a certain level of assurance regarding the controls that are maintained by BroadRiver management. The report addresses all five components of internal control outlined in the Sarbanes-Oxley legislation, namely the control environment, risk assessment activities, control activities, information and communication systems, and monitoring activities. The structure of our report is intuitive and is designed to be incorporated well with our clients’ Sarbanes-Oxley compliance programs.
Furthermore, BroadRiver’s management understands the ever increasing importance of corporate governance, as well as the impact of the organization’
Since 1999, the BroadRiver team has been delivering the most demanding technology services focusing on voice, data, cloud, and managed infrastructure solutions to enterprise organizations as well as wholesale and carrier clients throughout the United States.
At BroadRiver, we have the wisdom and experience required to deliver solutions that meet the unique long term needs of our clients’ mission critical business applications. Our solutions leverage our extensive network reach and our commitment to exceptional customer service, performance and value.
For more information, please visit us on the web at http://www.broadriver.com/
Please contact our General Manager, Kevin Beebe at (404) 961-1121 to obtain further information regarding BroadRiver’s SOC 1 examination.