SSAE 18 SOC II Standards
In 2007, to further prove NexusTek’s leadership as an IT managed services provider, NexusTek, based in Denver, Colorado, successfully underwent its first SAS 70 Type II audit and is committed to annual renewals going forward. The SAS 70 audit process was developed by the American Institute of Certified Public Accountants (AICPA) as an internationally recognized auditing standard for Service Organizations.
In 2011, the AICPA replaced the SAS70 with the new SSAE 16 audit standards and again in 2017, replaced SSAE 16 with SSAE 18. NexusTek works with our auditors annually to ensure that we maintain adherence to the latest audit standards in our private data centers.
Why it matters to our customers:
NexusTek is serious about security and controls and prioritizes the investment required to do so. The process is thorough and includes evidence gathering and physical inspection. In addition, the audit process includes design assessments and operating effectiveness tests of NexusTek’s policies and procedures, system availability, environmental controls, physical security, logical security, problem/incident management and infrastructure change management.
SSAE 18 SOC II Type II examinations help confirm that access to information is internally regulated and limited by physical controls and safeguards. SSAE 18 additionally puts forth requirements for companies to take more control/ownership of internal controls and identification and determination of risk while providing the appropriate management of 3rd party vendor relationships.
By completing this audit process again in 2020, NexusTek proves its adherence to rigorous, industry-accepted auditing standards for service companies. It’s just one more reason why NexusTek is one of the leading providers of managed IT services across the United States. Customers of NexusTek are provided a copy of this report annually by request.