Multiple Third-Party Audits
The ACSI Edge subscribes to multiple third-party audits for independent validation of regulatory, security, and contract compliance.
In addition to ACSI’s internal auditing program, we retain external auditors to conduct audits of our in-formation and physical security systems, operations, and regulatory compliance mechanisms. Our clients also regularly conduct audits as well. This independent and unbiased scrutiny provides another layer of assurance and verification that ACSI is compliant in all areas required by law and by our clients’ contract terms and conditions.
- SSAE 16 Audits - Statements on Standards for Attestation Engagements (SSAEs) are standards set by the Auditing Standards Board of the American Institute of Certified Public Accountants (AICPA) for Reporting on Controls at a Service Organization. Additionally, a service organization, ACSI has elected to undergo yearly audits of its financial and information systems controls to ensure compliance with the Sarbanes-Oxley Act. These audits are performed by a registered and certified public accounting firm, which prepares reports in the form of an attestation of ACSI’s adherence to the SSAE 16 standards.
- Third-Party Servicer Audits - Title 34 of the U.S. Code of Federal Regulations requires all third-party servicers such as ACSI to arrange for annual independent audits of the Federal Family Education Loan Program accounts assigned to ACSI for collection. ACSI submits to annual audits that examine our compliance with applicable regulations, our financial management activities, and our compliance with the standards for audits issued by the U.S. General Accounting Office’s (GAO’s) Standards for Audit of Governmental Organizations, Programs, Activities, and Functions.
- Security Assessments - ACSI is enrolled in the TECH LOCK Certified® Program, a service designed to protect client and consumer information via independent analyses of a company’s infrastructure and operations. Through our enrollment in this program, TECH LOCK conducts annual security audits, penetration tests, vulnerability assessments, risk assessments, and policy reviews & assessments. The TECH LOCK Certified® Program is the industry gold standard for ensuring federal and state security compliance.
- Client Audits - ACSI supports both on-site and remote auditing by our clients. We also take extra, helpful measures to assist and accommodate them during their audits. If a client is performing an on-site audit, we provide workspace areas and access to personnel, records, and any other information needed. If a client is performing a remote audit, ACSI assembles and submits all required audit materials as prescribed or needed by a particular client.