The Benefits of SSAE 16 Compliance

A data center is expected to match up to an array of standards and laws as prescribed by the government and industry. One of them is Standards for Attestation Engagements (SSAE) No. 16 Type-2 compliance.

The Benefits of SSAE 16 ComplianceWhat this means is that the data centers should not only comply with government laws and industry regulations (Type-1), but  that the compliance should also  have been tested in operation over a time period (Type-2). Your customers can then directly report that in their auditing without the need to have an additional reporting of their own. This compliance is also in line with the similar international attestation, namely ISAE 3402.

A major goal of a data center's daily operations is to ensure the Security, Processing Integrity, Confidentiality, Availability and Privacy of data/ supporting assets for clients. The report has to audit the same.

The report’s description should include the services provided by the organization as well as all the operational activities that affect the service’s customers. It should also include the detailed testing of the controls over a period of time to verify that these controls are actually occurring as proposed by the service organization. These control objectives are often different for each report. General controls include security, risk assessment, communication, and monitoring.

Along with the description of service organization’s system, a written statement of assertion is required. This assures the customers that their company is in an organization that will handle their critical data with utmost care and will ensure them that their controls are functioning properly.

SSAE 16 Type-2 thus establishes the following activities:

  • The accuracy of information in the design description of each control.
  • The suitability of the controls and their completeness for a specified period.
  • Testing for the operating effectiveness of each control.

Thus, this greatly helps to attract new clients by gaining their confidence. To know more about SSAE 16 data center compliance and implementation, please visit

Alex Carroll

Alex Carroll

Managing Member at Lifeline Data Centers
Alex, co-owner, is responsible for all real estate, construction and mission critical facilities: hardened buildings, power systems, cooling systems, fire suppression, and environmentals. Alex also manages relationships with the telecommunications providers and has an extensive background in IT infrastructure support, database administration and software design and development. Alex architected Lifeline’s proprietary GRCA system and is hands-on every day in the data center.
Alex Carroll