Company Announces Annual PCI DSS, HIPAA/HITECH, SOX Audit Results
CHARLOTTE, N.C. (February 24, 2011)– Peak 10 Inc., a managed services company with world-class data centers, is pleased to announce it has successfully completed a company-wide audit of its data center and managed services operations. The audit was performed by Brightline Certified Public Accountants and Associates Inc. (formerly SAS 70 Solutions), a nationally recognized independent auditing firm. Operations in each of Peak 10’s markets and corporate business units were examined in the course of this audit and disclosed in a Type II Service Organization Control (SOC 1) Report.
According to the American Institute of Certified Public Accountants, SOC reports are designed to help organizations that operate or provide information systems services to other entities build trust and confidence in their service delivery processes and controls through a report by an independent Certified Public Accountant. The Type II SOC 1 audit was performed under the Statement of Standards for Attestation Engagements Number 16 (SSAE 16) standard. SSAE 16 is the successor to the SAS 70 standard which will be ending in 2011. Peak 10 is one of the first organizations to ever undergo an SSAE 16 Type II audit. In support of its clients with international concerns, the report was also performed in accordance with SSAE 16’s counterpart, the International Standard for Assurance Engagements Number 3402 (ISAE 3402).
“We are committed to supporting customers in their ongoing efforts to meet the increasingly stringent regulatory demands of their industry and/or governing agency,” said David Kidd, the director of quality assurance and compliance for Peak 10. “The fact that we were among the first organizations to undergo a company-wide SSAE 16 audit demonstrates the high standards to which we operate and our attention to excellent customer service. We want our customers to be able to focus on building their core business, and compliance is one more way we can offer them a competitive advantage while leaving focus on technology to Peak 10.”
The SOC 1 audit report documents Peak 10’s system of controls and attests that those controls were suitably designed and operated effectively throughout the previous year. The scope of this report includes key aspects of Peak 10’s data center services including physical and logical security, environmental security, managed hosting, network services, monitoring, infrastructure change management, provisioning and support.
Peak 10’s service auditor performed extensive testing of the control activities that have been implemented by Peak 10 to help ensure that objectives were met. Following this rigorous examination, the auditing firm was able to issue a favorable opinion regarding Peak 10’s data center operations.
Sarbanes-Oxley legislation and other regulatory pressures have placed an increased focus on the internal controls of valued business partners. Peak 10’s 2010 audit report is designed to provide clients with an assurance regarding the controls that are maintained by Peak 10’s management. The report addresses all five components of internal control outlined in the Sarbanes-Oxley legislation, namely the control environment, risk assessment activities, control activities, information and communication systems, and monitoring activities. The structure of Peak 10’s report is intuitive and is designed to be easily incorporated with Sarbanes-Oxley compliance programs.
Peak 10 concurrently underwent a successful audit of HIPAA/HITECH privacy controls. The service auditor has issued a Type II AT-101 report, which documents a number of protections Peak 10 has implemented to safeguard private information on behalf of healthcare and health plan providers, and their business associates that rely upon Peak 10 services.
Peak 10 is further pleased to announce that it has validated compliance with the Payment Card Industry Data Security Standard (PCI DSS) as a “Level 1” service provider for its data centers.
The PCI DSS requires that any merchant that outsources the processing or storage of payment card data to a third party provider verify that the provider adheres to the standard. As a leading provider of data center management services to merchants, Peak 10 has proactively met this obligation to its customers. Following completion of the analysis, a Qualified Security Assessor (QSA) issued a Report on Compliance to reflect Peak 10’s compliance with the PCI DSS.
Peak 10’s management team understands the ever-increasing importance of corporate governance, as well as the impact of data center services on its clients’ system of internal controls. Peak 10 has successfully supported its clients’ regulatory requirements for several years. The favorable completion of this most recent series of audits is only part of Peak 10’s continued commitment to maintaining a well-governed, high-quality service environment. Peak 10 has established an independent governance, risk management, and compliance function and has engaged its service auditor in a long-term contract whereby Peak 10 will continue to undergo regular independent reviews.
About Peak 10 Inc.
Peak 10 is a managed services company with world-class data centers. It delivers scalable, economical and reliable solutions for hosting and managing complex information technology infrastructure. The company’s expert team embraces the industry’s evolving technologies by adopting and tailoring solutions such as virtualization and cloud-based services as part of its robust managed services offering. Its strong customer focus, financial stability, geographic diversity and technical strength attracts market-leading companies such as LendingTree, Global Knowledge, Pergo, Healthways, Churchill Downs and Carnival Cruise Lines. Peak 10 is SSAE 16 compliant and helps companies meet the requirements of various regulatory compliance acts such as Sarbanes-Oxley (SOX), HIPAA, PCI and Gramm-Leach-Bliley (GLBA). For more information on data center solutions from Peak 10, visitwww.peak10.com.