Big Sky is the leader in SSAE 16 certified Retail Management Solutions
The financial operations of public companies are in the spotlight more than ever before, and laws such as Sarbanes-Oxley are being enforced at a higher level, not only by internal auditors, but by regulators as well. Privately held companies, normally with fewer high value investors, are also spending more time making sure their financial processes are under tight controls.
Public companies who utilize third party systems to manage any part of their financial processes must ensure these companies are subjected to ongoing SSAE 16 audits. The SSAE 16 is an Independent Service Auditor’s Report on a Description of a Service Organization’s System and Suitability of the Design of Controls using the American Institute of CPAs (AICPA). SSAE 16 = Statement on Standards for Attestation Engagements 16.
An independent service auditor’s examination performed in accordance with SSAE 16 is an in-depth audit of Big Sky’s control objectives and control activities, which include controls over software development, information technology, hosting facilities, personnel and related processes.
In addition to an annual SSAE 16 audit by an independent auditing company, Big Sky continuously audits all aspects of it’s operation. Big Sky’s Security Committee is responsible for ensuring that all systems, processes and personnel and operating within the controls set forth in our Hosting Operations plan.
Big Sky’s solutions include a number of features that help ensure compliance with audit controls, including:
- Audit Trails – are included in all documents and each action is recorded with the date and time, the name of the user performing the action, and the action performed. This makes it easy to determine exactly what happened throughout the life cycle of the document.
- Role based Access Control – determines which types of documents the users within the role have access to, and what type of access they have (e.g. read-only, edit, delete, create).
- Approval Routing – is based on rules defined the customer, and final approvals are double checked against individual user approval limits.
- Invoice approvals – are checked against criteria within the associated Work Order or Purchase Order to make sure the work has been completed satisfactorily, or the parts have been shipped and/or received.
Big Sky’s audit program is over 7 years old, and is enhanced each year with additional controls to ensure our customer’s data is protected, and their operational funds are not wasted.