, , , , , , ,

Locus Receives SAS 70 Certification

Compliance icon
Locus Cloud Computing Environmental Software Platform SAS 70 Certified

SAN FRANCISCO, Calif., 18 January 2011 — Locus Technologies, the industry leader in web-based environmental compliance and information management software, announced that it has been certified as compliant with the Statement on Auditing Standards No. 70: Service Organizations (SAS 70).

Locus passed an in-depth audit of its control objectives activities pertaining to database management and information technology. The certification places Locus in a rare category among environmental data management providers to have attained the rigorous classification. In today’s risk-management environment, it is essential that service providers like Locus demonstrate that they have adequate controls and safeguards in place so customers can be confident that their data are safe.

“By becoming SAS 70 certified, Locus shows that we are not only in compliance with Section 404 of the Sarbanes-Oxley Act, but that we hold the security of our customers’ data paramount,” said Dr. Neno Duplan, President and CEO of Locus Technologies.

“Whether your environmental data are currently hosted by another provider, or you’re searching for a company to manage your data, your company should demand evidence that your data are safe and protected by a highly controlled process. We are pleased to know that our customers’ environmental data for water, sustainability, emissions, and greenhouse gas data have been deemed to be in full compliance with SAS 70,” continued Duplan.

In addition to being SAS 70 certified, Locus requires that its key suppliers also comply with SAS 70 standards. For example, Locus’ data center and cloud hosting provider have been certified recently to have processes and safeguards in place. These safeguards are designed to protect Locus’ assets and data that reside in the company’s managed hosting services data center. A service auditor’s examination—performed in accordance with SAS No. 70 Type II—is widely recognized because it confirms that a service organization has been through an in-depth audit of its control objectives and activities, which includes controls over information technology services and related processes.

Completion of the SAS 70 Type II examination of Locus’ managed hosting data center proves that an independent accounting and auditing firm has formally evaluated the company’s processes, procedures, and controls. The examination included controls related to service delivery, support services, security, monitoring, change management, data backup, environmental controls, and logical and physical access.

SAS 70 is designated by the U.S. Securities and Exchange Commission as an acceptable method for an organization’s management to obtain assurance about a third-party service organization’s internal controls without conducting a separate assessment.

As the world’s most comprehensive on-demand software for organizing environmental data and information, Locus is the partner of choice for all organizations that seek a credible and cost-effective solution to their energy and environmental management and reporting needs.