At NaviSite, we’re strongly committed to third-party validation, standards, and certification of the policies and procedures we use to maintain your applications and underlying infrastructure. We also understand the importance of helping you address your own regulatory requirements. That’s why we maintain several certifications and services to effectively address your unique needs.
SSAE-16 Audit
SSAE-16 audit compliance should be on every organization’s checklist when evaluating outsourcing vendors. This internationally recognized standard confirms a service organization has passed an in-depth audit of its control activities. NaviSite has successfully completed the SSAE-16 Audit.
NaviSite’s controls were created using ITIL best practices in IT and security. The systems and processes evaluated in this audit include security monitoring, change management, problem management, backup controls, physical and environmental safeguards, and logical access.
In addition NaviSite also conducts semi-annual voluntary audits for more than 100 internal control points.
Addressing Other Regulatory Requirements
NaviSite provides services to public and private organizations across a variety of industries. As a result, we have strong track record of successful engagements with clients to implement IT services that address a wide range of regulations affecting specific market segments. NaviSite can deliver IT services that help you address requirements including:
- Sarbanes-Oxley
- Payment Card Industry (PCI) standards
- Gramm-Leach-Bliley Act (GLBA) California Security Breach Information Act
- U.S. Department of Homeland Security
- Health Insurance Portability and Accountability Act (HIPAA) / Health Information Technology for Economic and Clinical Health Act (HITECH)
- National Institute of Standards & Technology / Federal Information Security Management Act
- European Union Data Protection Act / Safe Harbor