Compliance Audits Matter at AIS


AIS takes extraordinary efforts to safeguard our clients data, privacy, equipment, and connectivity, and security. We undergo multiple third-party audits, demonstrating compliance with rigorous industry standards.

AIS completes the following audits annually:

  • SOC 1 Type 2 (SSAE 18 and ISAE 3402)
  • SOC 2 Type 2
  • SOC 3 Type 2

At each of our 5 sites:

  • Lightwave Data Center (LWDC) San Diego, California
  • San Diego Tech Center (SDTC) San Diego, California
  • Fiber Alley Data Centers #1/#2/#3 (FADC) San Diego, California
  • One Wilshire Point of Presence (OWPOP) Los Angeles, California
  • Van Buren Data Center (VBDC) Phoenix, Arizona

Conducted by Moss Adams, one of the largest accounting and business consulting firms in the nation.

SSAE 18 Type 2
SSAE 18 (Statement on Standards for Attestation Engagements #18) replaces SSAE 16 and the old SAS 70 type of audit which had been around since the early 1990s. SOC (Service Organization Controls) 1, 2, and 3 audits assure that controls asserted actually exist and are functioning properly.

  • SOC 1 focuses on relevant data center system controls for financial reporting purposes, and has been scoped to cover standard for both the United States and international use.
  • SOC 2 focuses on the security and availability principles
  • SOC 3 is a summary Trust Services Report, documenting assurances on AIS controls related to the Security and Availability principles but without the detailed description of the tests and results contained in SOC 2.

SSAE 18 audits require an attestation engagement, where AIS management provides a written assertion regarding the controls designs, objectives, and implementation. The auditor then verifies that proper controls are in place and functioning properly.

SSAE18 audits are either Type 1 or a Type 2. Type 1 reports on the suitability of the design of controls at a point in time, while Type 2 tests not only the design of the controls, but the operating effectiveness of the controls over a period of time, usually six months to one year. AIS undergoes Type 2 audits.

All AIS audit reports are available upon request with the execution of a Non-Disclosure Agreement. Please contact us for more information.


AIS can assist you in locking down network infrastructure and ensuring compliance to the provisions related to:

  • Federal Financial Institutions Examination Council (FFIEC)
  • Federal Information Security Management Act (FISMA)
  • Gramm-Leach Bliley Act (GLBA)
  • Health Insurance Portability and Accountability Act (HIPAA)
  • Health Information Technology for Economic and Clinical Health (HITECH)
  • International Organization for Standardization (ISO)
  • Payment Card Industry (PCI) Data Security Standards (DSS)
  • Sarbanes-Oxley (SOX)
  • And more…

We have extensive experience in regulated markets and we will gladly work with you to map out a solution that meets your specific needs.

Contact AIS for more information on network infrastructure compliance

Recent Blog Posts


This is an important milestone for AIS – affirming that our enterprise-class data centers have the appropriate internal controls in place for assuring the highest level of standards for compliance, security and availability. We want our clients to feel comfortable that we are committed to taking the necessary steps to assure their peace-of-mind as they seek us out for colocation, connectivity, managed services and now, our full-featured cloud service. Our SOC 2 examination clearly sets us apar… Ken Carter, VP of data center infrastructureAIS Data Centers

Quick Links