More MSPs March Toward SAS 70
A quick observation: Larger, more successful managed service providers continue to embrace SAS 70 II (Statement of Auditing Standards No. 70), an American Institute of Certified Public Accountants (AICPA) standard for auditing service organizations. The latest example involves FusionStorm, an MSPmentor 100 company that says it has completed SAS 70 Type II certification.
According to a statement from FusionStorm:
“Internationally recognized, the standard is used by independent auditors to review a service provider’s controls for safeguarding its customer’s data…Acquiring SAS 70 II certification represents a gold star for any service company. That is especially important now that hacking, identity theft, and data leaks are commonplace.”
FusionStorm says it also has adopted an information technology infrastructure library (ITIL) framework for change control and IT operational processes, and the company offers hosting services that meet PCI standards.
Certification and Accreditation
Of course, there are a range of certification and accreditation options that MSPs can pursue, including:
- MSP Pro… powered by CompTIA is an entry level accreditation developed by MSP Partners, CompTIA and IPED (the Institute for Partner Education and Development, owned by Everything Channel).
- The MSPAlliance offers individual certifications and company-wide accreditations for managed service providers. During the association’s upcoming MSPWorld conference, MSPAlliance will more fully discuss the certification program plus a new SAS 70 offering.
For larger MSPs working with banks, financial services firms and other sophisticated customers, SAS 70 seems to be generating all the buzz right now.