Replicon SSAE-18 Compliance

SSAE 18 is the de-facto industry certification for service providers in the United States, and examines both the design of our internal controls, as well as the effectiveness of those controls over a long period of time.



Replicon undergoes bi-annual SSAE 18 audits to ensure your data is protected at all times

SSAE-18 Compliance Audit Checklist

Application security controls and customer data isolation

Network Protection and Disaster Recovery Plans

Internal Controls and their effectiveness

Physical Security of Data Centers – Biometric security

Environmental Controls and HVAC systems


How Replicon Makes SOX Compliance Easy

Secure, Cloud-based Apps
We’ve implemented controls within our applications ensuring data is secure including SSL, user authentication, encryption, automated idle timeouts, and role-based user access
Network Security
Firewalls in place to separate our application network from outside traffic and anti-virus software in place to detect and prevent transmission of data or files that contain virus signatures
Disaster Recovery
Detailed disaster recovery procedures in place, redundant data centers with automatic failovers with daily system backups
24 Hour Security
Data centers are protected around the clock by on-site security personnel with full digital tracking of all activities on site with access cards and biometric security systems
Environmental Controls
All of our data centers are in full temperature controlled and flood resistant environments ensuring absolutely highest reliability
Corporate Responsibility
Company executives can report on the company’s liability obligations at any time.
Replicon received an unqualified yes to every one of the areas mentioned above following a rigorous examination by an auditing firm.

SSAE 18 (Formerly SAS70)

SSAE 18 stands for the Statement on Standards for Attestation Engagements 18 and is a regulation created by the AICPA (American Institute of Certified Public Accountants). The regulation defines the professional standards used by a service auditor to assess the internal controls of a service organization. Service organizations who wish to be SSAE 18 certified must undergo a rigorous security audit by a third party service auditor that conducts tests in the areas of Control Environment, Physical Security, Environmental Protection, Computer Operations, Information Security, Application Change Control, Data Communications and Data Input and Validation. SSAE 18 effectively replaces SAS 70 as the authoritative guidance for reporting on service organizations. Replicon received an unqualified yes to every one of the areas mentioned above following a rigorous examination by an auditing firm.

Share This

Start Tracking Your Time and Billing with Replicon

Contact Us
Live Chat