SSAE 16 Type 2 Examination (formerly known as SAS-70 Type II certification)
The American Institute of Certified Public Accountants (AICPA) has upgraded and expanded the examination standards of third party service organizations.
The old standard of SAS-70 only required a description of what "controls" were in place in the payroll process and the results of testing those controls.
Under SSAE 16 Type 2 standards, Payroll Maxx must provide a more comprehensive and expansive description of its entire payroll system to an independent certified public accountant. This written, in-depth description includes Payroll Maxx’s assertion as to how payroll transactions are processed and reported, all of the specific control objectives in place during transaction processing, and the effectiveness of the controls used to achieve all of those control objectives. You will also find included in this description, various aspects of our control environment, our philosophy and operating style, how we assign authority and responsibilities, our commitment to integrity, ethics and confidentiality, our information and communication systems, our risk assessment information, and the monitoring controls used by Payroll Maxx.
With this information, the independent certified public accountant will then make three assessments:
At Payroll Maxx, we are very proud of the results of the independent certified public accountants assessment and testing results showing that:
Security of client information is one of Payroll Maxx's most important goals. Protection of information is imperative, particularly in today's world. Payroll Maxx strives to accomplish the following objectives with regards to it's information security:
Availability - Payroll Maxx strives to ensure the ongoing availability of systems by addressing the processes, policies, and controls used to ensure authorized users have prompt access to information. This objective protects against intentional or accidental attempts to deny legitimate users access to information and/or systems. Core to this objective, Payroll Maxx has implemented both an Emergency Off-site Center and a Disaster Hot-site.
Integrity of Data or Systems - Payroll Maxx is committed to ensuring information has not been altered in an unauthorized manner and that systems are free from unauthorized manipulation that will compromise accuracy, completeness, and reliability. The Evolution Payroll and Tax Management System provide unparalleled accuracy, productivity and financial control. It is a proven, reliable software platform that will automate day-to-day processes more than any other payroll system.
Confidentiality of Data or Systems - Payroll Maxx is dedicated to the protection of payroll information of customers against unauthorized access or use. Payroll Maxx has controls in place to protect data both in transit and in storage.
Accountability - Payroll Maxx traces actions to their source. Accountability directly supports non-repudiation, deterrence, intrusion prevention, intrusion detection, recovery, and legal admissibility of records.
Assurance - Payroll Maxx develops confidence that technical and operational security measures work as intended. Assurance levels are part of the system design and include availability, integrity, confidentiality, and accountability. Assurance highlights the notion that secure systems provide the intended functionality while preventing undesired actions. Evolution Payroll and Tax Management system is completely auditable systems, so you can be assured that your payrolls are being run under the strict financial controls that are necessary in today's business environment.