SSAE 16 Professionals Has Unveiled a Specialty Service Line Focusing on SSAE 16 Audits for Third Party Administrators (TPA’s)

December 11, 2012

In an increasingly competitive market environment, SSAE 16 Audits are providing Third Party Administrators a competitive advantage amongst their competition. SSAE 16 Professionals has the resources and team assembled whose sole focus is on helping Third Party Administrators undergo the SSAE 16 audit.

Irvine, CA (PRWEB) December 10, 2012

Industry Overview

SSAE 16 Professionals has unveiled a specialty service line focusing on SSAE 16 reports for Third Party Administrators (TPA´s). A TPA is an organization that processes insurance claims or certain aspects of employee benefit plans for a separate entity. This can be viewed as “outsourcing” the administration of the claims processing, since the TPA is performing a task traditionally handled by the company providing the insurance or the company itself. The TPA may also be hired if a company is self-insured. In that case, the TPA will not only handle claims from the common pool of money for that purpose, it will also coordinate payment of catastrophic illness premiums and other details of the insurance program.

An insurance company may also use a TPA to manage its claims processing, provider networks, utilization review, or membership functions. Third party administrators also handle many aspects of other employee benefit plans such as the processing of retirement plans and flexible spending accounts. Many employee benefit plans have highly technical aspects and difficult administration that can make using a specialized entity such as a TPA more cost effective than doing the same processing in house.

Outsourcing such important tasks to TPA´s carries a large risk to companies. A SSAE 16 audit provides transparency around the TPA´s internal controls. In fact, many companies will not even consider outsourcing to a TPA who does not have a SSAE 16.

“Many TPA´s are choosing SSAE 16 Professionals to perform their SSAE 16 audit because of our personalized approach,” says Jim Jimenez, Managing Partner at SSAE 16 Professionals. “We have a unique blend of TPA expertise coupled with good old fashioned client service.”

Industry Need

SSAE 16 audit reports, also known as SOC 1 Reports, which have effectively replaced SAS 70 reports, will be prepared in accordance with Statement on Standards for Attestation Engagements (SSAE) No. 16, Reporting on Controls at a Service Organization. SOC 1 audit reports retain the original purpose of SAS 70 by providing a means of reporting on the system of internal control for purposes of complying with internal control over financial reporting.

In the past, SAS 70 reports encompassed financial reporting controls, operational controls, and compliance controls. SSAE 16 SOC 1 reports can no longer be used for any other purpose except for reporting on the system of internal control for purposes of complying with internal control over financial reporting. For reports that are not specifically focused on internal controls over financial reporting, the AICPA has issued an interpretation under AT Section 101 permitting service auditors to issue reports. These reports will now be considered SOC 2 audit reports. SOC 2 reports will focus on controls at a service organization relevant to one or more of the following Trust Services principles: Security, Availability, Processing Integrity, Confidentiality, and Privacy.

SSAE 16 (SOC 1) & SOC 2 Type I and Type II Audit Reports

SSAE 16 Professionals completes both SSAE 16 (SOC 1) and SOC 2 Type I Audit Reports and SSAE 16 (SOC 1) and SOC 2 Type II Audit Reports.

  •     SSAE 16 and SOC 2 Type I Reports – A report on policies and procedures placed in operation as of a specified point in time. SSAE 16 and SOC 2 Type I Reports evaluate the design effectiveness of a service provider´s controls and then confirms that these controls have been placed in operation as of a specific date.
  •     SSAE 16 and SOC 2 Type II Reports – A report on policies and procedures placed in operation and tests of operating effectiveness for a period of time. SSAE 16 and SOC 2 Type II Reports include the examination and confirmation steps involved in a Type I examination plus include an evaluation of the effectiveness of the controls for a period of at least six calendar months. Most user organizations require their service provider to undergo the Type II level examination for the greater level of assurance it provides.

About SSAE 16 Professionals

SSAE 16 Professionals, LLP is a leading PCAOB registered accounting firm that specializes in SSAE 16 (SOC 1) and SOC 2 audits, SSAE 16 (SOC 1) and SOC 2 readiness reviews, and other IT audit and compliance reports. Each of our professionals has over 10 years of relevant experience at “Big 4” and other large international or regional accounting firms. Each professional is certified as a CPA (Certified Public Accountant), CISA (Certified Information Systems Auditor), CIA (Certified Internal Auditor), CISSP (Certified Information Systems Security Professional), CRISC (Certified in Risk and Information Systems Control) and/or MBA (Master of Business Administration). For more information, please visit http://www.SSAE16Professionals.com.


For the original version on PRWeb visit: http://www.prweb.com/releases/prwebssae16/soc1/prweb10198354.htm

Source: prweb

comments powered by Disqus