TulsaConnect's facilities and operations have been SSAE 18 audited.
What is SSAE 18 SOC1 Type II?
SSAE 18 is an acronym for "Statement on Standards for Attestation Engagements No. 18". It is an accounting standard developed by the American Institute of Certified Public Accountants that audits the internal controls of service organizations, such as TulsaConnect. It was created to help identify those organizations willing to hold themselves to a very high level of standards.
What happens during a SSAE 18 SOC1 audit, and what types of things do they look at?
During a SOC1 Type I audit, the auditor examines the controls that the service organization claims to have in place at a specific point in time and issues an opinion on if those controls are appropriate and effective. A Type II audit is similar to a Type I audit, except the controls are tested over a longer period (typically 6 months or longer).
What is a "control"?
A control is a process, policy, or tool that you have in place which is designed to enforce a specific claim. For example, TulsaConnect has controls in place to ensure that only authorized personnel have physical access to our Data Centers. These controls consist of biometric security devices, entry/exit logs, and record-on-motion security cameras. All customer access to the facilities are via TulsaConnect escort only.
Why is SSAE 18 SOC1 Type II Important for TulsaConnect?
Having a SSAE 18 report available for our customers demonstrates our commitment to complete transparency into our policies, procedures, and controls. In addition, having TulsaConnect's SSAE 18 report available may simplify any internal or external audits that a customer organization may be subject to.