Compliance Audits Matter at AIS


Compliance

AIS takes extraordinary efforts to safeguard our clients data, privacy, equipment, and connectivity, and security. We undergo multiple third-party audits, demonstrating compliance with rigorous industry standards.

AIS completes the following audits annually:

  • SOC 1 Type 2 (SSAE 18 and ISAE 3402)
  • SOC 2 Type 2
  • SOC 3 Type 2

At each of our 5 sites:

  • Lightwave Data Center (LWDC) San Diego, California
  • San Diego Tech Center (SDTC) San Diego, California
  • Fiber Alley Data Centers #1/#2/#3 (FADC) San Diego, California
  • One Wilshire Point of Presence (OWPOP) Los Angeles, California
  • Van Buren Data Center (VBDC) Phoenix, Arizona

Conducted by Moss Adams, one of the largest accounting and business consulting firms in the nation.

SSAE 18 Type 2
SSAE 18 (Statement on Standards for Attestation Engagements #18) replaces SSAE 16 and the old SAS 70 type of audit which had been around since the early 1990s. SOC (Service Organization Controls) 1, 2, and 3 audits assure that controls asserted actually exist and are functioning properly.

  • SOC 1 focuses on relevant data center system controls for financial reporting purposes, and has been scoped to cover standard for both the United States and international use.
  • SOC 2 focuses on the security and availability principles
  • SOC 3 is a summary Trust Services Report, documenting assurances on AIS controls related to the Security and Availability principles but without the detailed description of the tests and results contained in SOC 2.

SSAE 18 audits require an attestation engagement, where AIS management provides a written assertion regarding the controls designs, objectives, and implementation. The auditor then verifies that proper controls are in place and functioning properly.

SSAE18 audits are either Type 1 or a Type 2. Type 1 reports on the suitability of the design of controls at a point in time, while Type 2 tests not only the design of the controls, but the operating effectiveness of the controls over a period of time, usually six months to one year. AIS undergoes Type 2 audits.

All AIS audit reports are available upon request with the execution of a Non-Disclosure Agreement. Please contact us for more information.

Compliance

AIS can assist you in locking down network infrastructure and ensuring compliance to the provisions related to:

  • Federal Financial Institutions Examination Council (FFIEC)
  • Federal Information Security Management Act (FISMA)
  • Gramm-Leach Bliley Act (GLBA)
  • Health Insurance Portability and Accountability Act (HIPAA)
  • Health Information Technology for Economic and Clinical Health (HITECH)
  • International Organization for Standardization (ISO)
  • Payment Card Industry (PCI) Data Security Standards (DSS)
  • Sarbanes-Oxley (SOX)
  • And more…

We have extensive experience in regulated markets and we will gladly work with you to map out a solution that meets your specific needs.

Contact AIS for more information on network infrastructure compliance

Recent Blog Posts

Testimonials

We are delighted to be working inside the AIS data center to provide full service managed storage to enterprise clients. We understand the importance of Phoenix in the disaster recovery market and have the processes, systems and culture in place to become a seamless extension of the IT services team for any sized organization. John Nash, CEO and founderPhreedom Technologies

Quick Links