The Type II SAS 70 audit is the only acceptable method for a third party to assure a service organisation's controls |
Brivo has received approval for its website to display the TRUSTe EU Safe Harbour Seal, which demonstrates its global commitment to consumer trust and privacy online. TRUSTe, the leading online privacy seal and trust assurance service, awards its privacy seals only to companies that complete the rigorous TRUSTe certification process and agree to comply with ongoing oversight and TRUSTe's consumer dispute resolution process.
"In addition to completing our SAS 70 Type II security audit, we are pleased to now add a TRUSTe privacy seal demonstrating Brivo's leadership in providing industry-leading safeguards for our customer's data," said Steve Van Till, Brivo President and CEO. "Lately, everyone is talking about the Cloud and SaaS applications. For those many companies shopping for a SaaS provider, these audits and certifications are not a luxury. Customers should demand them and SaaS providers must be able to offer such recognised assurances. Brivo is one of the few SaaS providers in the physical security industry making the financial commitment to provide the very best in data protection so our customers don't have to take on that expense."
Brivo has received approval for its website to display the TRUSTe EU Safe Harbour Seal |
The TRUSTe EU Safe Harbour Seal communicates that a website has committed to protecting the privacy of visitors through compliance with the EU-US Safe Harbour Framework and participation in TRUSTe's Watchdog Consumer Dispute Resolution service. The EU-US Safe Harbour Framework was developed by the U.S. Department of Commerce in concert with the European Commission to provide a framework by which US companies may comply with EU privacy directives protecting the personal information of European citizens.
For those companies doing business with European citizens, TRUSTe's online privacy seals help a company certify with the EU Directive on Data Protection, a Safe Harbour Framework developed by the U.S. Department of Commerce in concert with the European Commission.
In 2009, Brivo received both the SAS 70 Type I and II certifications, which assure customers that a service provider's controls and processes provide reasonable assurances of service levels and data security. The "Statement on Auditing Standards No. 70," commonly abbreviated as "SAS 70," is an auditing statement issued by the American Institute of Certified Public Accountants (AICPA). It defines the processes an auditor uses to assess the internal controls of service organisations that provide data processing, storage, or application services to their customers.
The Sarbanes-Oxley Act has identified the Type II SAS 70 audit as the only acceptable method for a third party to assure a service organisation's controls. The Type II audit is more thorough than Type I (awarded to Brivo in 2008) because it assesses whether the company's security control processes are effective during the entire calendar period for which the audit applies.
Van Till again: "One of the most common objections to the SaaS model is that customers aren't sure their data will be secure. At Brivo, we have made a total commitment to the protection of our customers' data, and we have earned the certifications that prove it."