Replicon SSAE-18 Compliance

SSAE 18 is the de-facto industry certification for service providers in the United States, and examines both the design of our internal controls, as well as the effectiveness of those controls over a long period of time.

2X
Bi-annual Audits

Replicon undergoes bi-annual SSAE 18 audits to ensure your data is protected at all times

SSAE-18 Compliance Audit Checklist
icon_employees_work
Application security controls and customer data isolation
icon_deskless_workers
Network Protection and Disaster Recovery Plans
icon_lack_visibility
Internal Controls and their effectiveness
icon_compliance_issues
Physical Security of Data Centers – Biometric security
icon_inability_control
Environmental Controls and HVAC systems

How Replicon Makes SOX Compliance Easy

Secure, Cloud-based Apps

We’ve implemented controls within our applications ensuring data is secure including SSL, user authentication, encryption, automated idle timeouts, and role-based user access

Network Security

Firewalls in place to separate our application network from outside traffic and anti-virus software in place to detect and prevent transmission of data or files that contain virus signatures

Disaster Recovery

Detailed disaster recovery procedures in place, redundant data centers with automatic failovers with daily system backups

24 Hour Security

Data centers are protected around the clock by on-site security personnel with full digital tracking of all activities on site with access cards and biometric security systems

Environmental Controls

All of our data centers are in full temperature controlled and flood resistant environments ensuring absolutely highest reliability

Corporate Responsibility

Company executives can report on the company’s liability obligations at any time.

Replicon received an unqualified yes to every one of the areas mentioned above following a rigorous examination by an auditing firm.

SSAE 18 (Formerly SAS70)

SSAE 18 stands for the Statement on Standards for Attestation Engagements 18 and is a regulation created by the AICPA (American Institute of Certified Public Accountants). The regulation defines the professional standards used by a service auditor to assess the internal controls of a service organization. Service organizations who wish to be SSAE 18 certified must undergo a rigorous security audit by a third party service auditor that conducts tests in the areas of Control Environment, Physical Security, Environmental Protection, Computer Operations, Information Security, Application Change Control, Data Communications and Data Input and Validation. SSAE 18 effectively replaces SAS 70 as the authoritative guidance for reporting on service organizations. Replicon received an unqualified yes to every one of the areas mentioned above following a rigorous examination by an auditing firm.