2. Knowing your service providers digital risks can
be just as important as knowing your own
Networks
Data Centers
Cloud
Risk
Security
Practices
PaaS
NPI
Cloud providers touch your network and
If they are at risk, you are too
3rd party cloud service providers
These risks flow into your
institution, allowing
hackers to exploit any and
all vulnerabilities
3. How we can help your business
The architecture and engineering of an organization is listed in the SSAE 16. However, one
has to have the ability to tear it apart with a complete awareness and
comprehensive understanding of computer architectures, infrastructures, virtualization,
encryption, transmission, clouds, engineering, and physical and logical, security, just to
note as to whether or not the SSAE 16 is of value or not. This is exactly what eVenture
Review, LLC does in its exclusive RAPIER Report.
The review process of eVenture Review is unlike any of which organizations provide today
in our industry for no one has rationalized that the SSAE 16 is not only about the findings
as everyone would have you believe, but it is more about the design and engineering of
the hosting cloud providers for that is the blue-print as to how one is handling NPI
information. To understand this, it requires extensive computer engineering methodology
understanding and awareness as well as extensive knowledge of cloud computing
environments.
The RAPIER Report
RAPIER - Review Accurately Providing Information Ensuring Responsibility
eVenture Review, LLC has developed the RAPIER Report, which is a process applying
engineering methodologies and security practicum's in the review process of the
SSAE (Statement on Standards for Attestation) No. 16 report, which is being provided
by AICPA (American Institute Certified Public Accountants) accredited institutions,
on behalf of public cloud providers.
The purpose is to ensure public cloud providers are complying with the technical
controls defined in the SSAE 16 so institutions relocating their NPI (Non-Public
Information) data, to the public cloud, is safe-guarded.
eVenture Review, LLC developed what is called the RAPIER Report, consists of the
following characteristics as its framework - 20 categories consisting of approximately
300 elements being compared to 8 different criteria, in order to ensure public cloud
providers are in fact properly safeguarding NPI (Non-Public Information) as a
standard and practice.
eVenture has performed engineering reviews on approximately 233 SSAE 16s the
past six years from 34 AICPA firms consisting of 133 public cloud providers across
the United States. This also includes the largest cloud providers in the United States.