Ntirety Achieves Unified Cloud Provider Certification

UCS_2012_Logo.jpg

Ntirety in 2011 & 2012 been successfully audited and certified under the MSPAlliance’s (MSPA) Unified Certification Standard for Cloud and Managed Service Providers (UCS).  UCS is the first program of its kind, specifically designed and created to provide business consumers of cloud and managed services with the assurance that the service provider they hire meets or exceeds the highest principles of quality in areas such as financial stability, facilities, managed services practices, and customer satisfaction.

The UCS audit is a rigorous audit and certification process that benchmarks and verifies the quality of the company providing managed services.  UCS certification is based on a wide range of criteria with which to benchmark Managed IT Solution Providers, thereby ensuring that they have met and exceed well-established standards of excellence and client care. Clients that select a company that is part of the UCS can also rest assured that their IT solution provider has met and exceeded the following standards:

  • Physical & Virtual Security
  • Business & Financial stability
  • Company has taken reasonable steps to assure that the client’s IT needs will be safely and professionally addressed
  • Company is under constant external review from the MSPAlliance and the IT profession to continually maintain and improve standards of care of excellence
  • The UCS audit is performed by Frost, PLLC, a third party accounting firm.

For more information about the MSPAlliance please visit www.mspalliance.com

UCS Frequently Asked Questions

What is the UCS?

The Unified Certification Standard (UCS) audit for Cloud and Managed Service Providers was developed 7 years ago by the MSPAlliance as a way to a) provide a path of operational excellence for MSPs, and b) to distinguish those MSPs who were abiding by these best practices compared to those that were not.

Who Developed the UCS?

The MSPAlliance advisory board consisting of MSPs serving the large enterprise, mid-market, and SMB, saw a need to have a standard made specifically for MSPs. For over a year these MSPs worked on creating a standard for self regulation to ensure high quality and excellence in the managed services profession.

What is the difference between the UCS and MSAP?

The Managed Services Accreditation Program™ (MSAP) was the original name of the standard created nearly 8 years ago. The MSAP is now called the UCS, after the program went through a considerable review and change in 2011. The standard is largely the same, but now has considerably enhanced audit and reporting benefits previously not available with the MSAP.

How does the UCS differ from other so-called MSP and Cloud Certifications?

While other certifications, seals, etc, may simply require a provider to submit information and promise to adhere to some industry standards, the UCS certification requires all applicants to submit to a comprehensive audit and onsite facilities inspection. When MSPA first launched this accreditation and certification many years ago, the bar was firmly set high. All data is verified by third party auditors, so the accreditation validates the quality of a Managed Services practice and is an achievement any company can be proud of.

Does the UCS overlap with ISO 27001?

The UCS audit is based was developed utilizing many different components of other international standards, including control objectives unique to the MSPAlliance. These international components include the COSO framework, COBIT, ITIL, and ISO 27001.  While the UCS does not include all of the control objectives or controls from any one of the standards referenced above, it does include the control objectives and controls deemed most critical to Cloud and Managed Service Providers by the MSPAlliance.

Does the UCS overlap with SSAE 16?

The UCS and SSAE 16 audits serve different purposes.  The SSAE 16 audit is an auditor to auditor report, while the UCS is a public report.  The two reports, for members that complete the UCS and SSAE 16 audits simulatneously, utilize the same control objectives with the exception of Financial Health which is not included in the SSAE 16 scope. Both audits use nearly identical testing protocols.

Furthermore, the UCS is an international standard and is recognized globally, whereas SSAE 16 is largely a US audit methodology.  MSPAlliance can provide you with both the UCS and SSAE 16 audits and certifications.

Can the UCS be used for compliance purposes?

Absolutely. Because the UCS certification is also an audit, and performed by well trained IT auditors familiar with managed services and cloud computing models, and has a detailed audit report for each company that goes through the process, many MSPs and cloud organizations use the UCS audit report for compliance purposes. Because it is a public document, the UCS report also has the advantage of being used for sales and marketing purposes also.

If I have my vendor certifications do I still need the UCS?

Vendor certifications are very useful for determining a MSP’s skill in using a particular vendor’s product. For example, if you are skilled in using Microsoft products then achieving Microsoft Gold might be a worthy objective. However, by itself, vendor certifications are not enough. In fact, it can be potentially misleading to customers if the MSP only has vendor certifications and no other 3rd party certification or audit. Many MSPAlliance members who have have achieved our certifications also have other vendor certifications.

How do I know if my comapny needs the UCS?

There are many reasons why your company would want to go through the UCS audit process. Our industry is unregulated, which means end user customers have no real mechanism for determining who is a credible and qualified MSP. The UCS is a great tool for giving end user customers that assurance, while also giving the MSP guidance and comfort in knowing that their policies and procedures conform with industry best practices.