SSAE 16 Professionals Has Unveiled a Specialty Service Line Focusing on SSAE 16 and SOC 2 Audits for Government Entities and their Service Providers

In an increasingly competitive business environment, SSAE 16 (SOC 1) and SOC 2 Audits are providing service providers of government entities a competitive advantage amongst their competition. SSAE 16 Professionals has assembled top tier talent whose sole focus is on helping service providers of government entities undergo the SSAE 16 (SOC 1) or SOC 2 audit.

  • Share on TwitterShare on FacebookShare on Google+Share on LinkedInEmail a friend
Delivering SSAE 16 Type I and Type II Reports

SSAE 16 Professionals, LLP

Many government entities and their service providers are choosing SSAE 16 Professionals to perform their SSAE 16 audit because of our personalized approach. We have a unique blend of expertise coupled with good old fashioned client service.

Orange, CA (PRWEB) February 12, 2013

SSAE 16 Professionals has unveiled a specialty service line focusing on SSAE 16 (SOC 1) and SOC 2 reports for government entities and their service providers. Many government entities require a SSAE 16 or require their vendors to perform a SSAE 16. The primary reason for this audit is to ensure appropriate internal controls are in place and functioning as designed. Transparency is critical in these situations. Often times, one government agency will perform a SSAE 16 and other government entities will utilize the same report. For example, if one government entity develops software that will be used by other government entities, the other government entities will require a SSAE 16 on the application, ensuring control are in place and the SDLC process was controlled.

“Many government entities and their service providers are choosing SSAE 16 Professionals to perform their SSAE 16 audit because of our personalized approach,” says Jim Jimenez, Managing Partner at SSAE 16 Professionals. “We have a unique blend of expertise coupled with good old fashioned client service.”

Industry Need

SSAE 16 (also known as SOC 1) Reports, which have effectively replaced SAS 70 reports, will be prepared in accordance with Statement on Standards for Attestation Engagements (SSAE) No. 16, Reporting on Controls at a Service Organization. SOC 1 reports retain the original purpose of SAS 70 by providing a means of reporting on the system of internal control for purposes of complying with internal control over financial reporting. The Sarbanes-Oxley Act (SOX) requires publicly traded companies to perform an annual financial statement audit, which includes key processes that may impact the company’s financial statements. If these public companies outsource one of these key processes to your company, you will need to undergo an SSAE16 audit. The SSAE 16 report can eliminate the need for your company to be subject to multiple audits from your customers and their respective auditors, most likely eliminating the need for your company receiving multiple visits from your customers’ auditors, which can place a huge strain and operational burden on your company’s limited resources.

In the past, SAS 70 reports encompassed financial reporting controls, operational controls, and compliance controls. SSAE 16 SOC 1 reports, which have effectively replaced SAS 70 reports, will be prepared in accordance with Statement on Standards for Attestation Engagements (SSAE) No. 16, Reporting on Controls at a Service Organization. SSAE 16 SOC 1 reports can no longer be used for any other purpose except for reporting on the system of internal control for purposes of complying with internal control over financial reporting. For reports that are not specifically focused on internal controls over financial reporting, the AICPA has issued an interpretation under AT Section 101 permitting service auditors to issue reports. These reports will now be considered SOC 2 audit reports. SOC 2 reports will focus on controls at a service organization relevant to one or more of the following Trust Services principles: Security, Availability, Processing Integrity, Confidentiality, and Privacy.

SSAE 16 (SOC 1) & SOC 2 Type I and Type II Audit Reports

SSAE 16 Professionals completes both SOC 1 Type I & Type II audits and SOC 2 Type I & Type II audits.

  •     SSAE 16 (SOC 1) and SOC 2 Type I Reports - A report on policies and procedures placed in operation as of a specified point in time. SSAE 16 and SOC 2 Type I Reports evaluate the design effectiveness of a service provider’s controls and then confirms that these controls have been placed in operation as of a specific date.
  •     SSAE 16 (SOC 1)and SOC 2 Type II Reports - A report on policies and procedures placed in operation and tests of operating effectiveness for a period of time. SSAE 16 and SOC 2 Type II Reports include the examination and confirmation steps involved in a Type I examination plus include an evaluation of the effectiveness of the controls for a period of at least six calendar months. Most user organizations require their service provider to undergo the Type II level examination for the greater level of assurance it provides.
About SSAE 16 Professionals

SSAE 16 Professionals is a leading provider that specializes solely in SSAE 16 readiness reviews, SSAE 16 Type I Reports, SSAE 16 Type II Reports, and other IT audit and compliance reports. Each of our professionals has over 10 years of relevant experience at “Big 4” and other large international or regional accounting firms. Each professional is certified as a CPA (Certified Public Accountant), CISA (Certified Information Systems Auditor), CIA (Certified Internal Auditor), CISSP (Certified Information Systems Security Professional), CRISC (Certified in Risk and Information Systems Control) and/or MBA (Master of Business Administration). For more information, please visit http://www.SSAE16Professionals.com.

###


Contact

Attachments

SSAE 16 is a report on controls at a service organization relevant to user entities' internal control over financial reporting (ICFR) SSAE 16 (SOC 1) Reports

SSAE 16 is a report on controls at a service organization relevant to user entities' internal control over financial reporting (ICFR)


Whereas SSAE 16 Reports focus on internal controls over financial reporting, SOC 2 Reports focus on controls related to Security, Availability, Processing Integrity, Confidentiality, and Privacy SOC 2 Reports

Whereas SSAE 16 Reports focus on internal controls over financial reporting, SOC 2 Reports focus on controls related to Security, Availability, Processing Integrity, Confidentiality, and Privacy