Blog  Subscribe to our RSS feed RSS

Gossamer Threads Completes SSAE 16 Audit

We’re happy to announce that Gossamer Threads successfully completed an SSAE 16 (US) audit, as well as its Canadian and international counterparts, the CSAE 3416 and ISAE 3402. Often used by companies offering cloud hosting and software as a service, these audits represent an assurance to our clients that we’re meeting the standards and workflow we advertise.

What is SSAE 16?

SSAE 16 stands for Statement on Standards for Attestation Engagements No. 16 and is accountant-speak for the examination of an organization’s systems, processes, and controls, and the issuance of an industry-standard report. The audit guidelines are set out by the American Institute of Certified Public Accountants, and must be performed by a third party certified accountant or accounting firm. The third party looks at the information we give our clients with regards to security and control systems, and gives an opinion about the quality and accuracy of the information being claimed.

Because we like to do things properly, we chose to go with a “Type 2” audit, which means we were monitored during a specific time period (September 2012 to February 2013) instead of just one specific date (Type 1).

What’s on the audit?

Since criteria for SOC1 reports are not defined by default, we worked with the CPA firm Auditwerx to identify categories and standards important to our field. We settled on information technology, application development, hosting, and our transaction processing systems as key criteria.

The auditor performed a physical inspection of our office and data center, interviewed our senior staff, and documented their work with numerous photos of our facilities and screenshots of our websites and workflow documents. Our data center as well as our company and human resource policies have been examined with a focus on security as well as proper environment for the servers.

The result: The auditor confirmed that our stated controls and processes are fully in place and designed effectively.

What does that mean for you?

Many of our clients use our platforms and applications for business-critical purposes and need to be sure that their information is secure. With the audit focusing on security and proper server storage, our clients can rest assured that we are holding to the standards we advertise in security, personnel, and server infrastructure. Their valuable data will be kept at the highest levels of integrity when working us.

With Gossamer Threads, you know that the label and the service are the same. Interested in working with an up-front hosting company? Let’s talk.