SSAE 16 Professionals, LLP Unveils a “Cliff Notes” Guide to Explain the Differences between SSAE 16 (SOC 1) and SOC 2 Audits
There is plenty of confusion in the marketplace regarding what are SSAE 16 (SOC 1) and SOC 2 audits and which report is right for a particular business. SSAE 16 Professionals, LLP has released a free “Cliff Notes” version of the SSAE 16 (SOC 1) and SOC 2 audit process to clear up some of the confusion.
Los Angeles, CA (PRWEB) May 29, 2013
SSAE 16 (aka SOC 1) and SOC 2 audits can be a valuable tool for any service organization. However, many service organizations still do not understand the differences between the audits and which audit is better for their own particular situation. SSAE 16 Professionals has created a “cliff notes” overview of the audits, including:
- Understanding the Basics of SSAE 16 (SOC 1) audits
- Understanding the Basics of SOC 2 audits
- Benefits of successfully completing a SSAE 16 (SOC 1) or SOC 2 audit
SSAE 16 Professionals has posted a link on their website to allow business to easily download a free copy of overview. Additionally, their Frequently Asked Questions webpage is a great resource to find answers to commonly asked questions.
“Most business executives prefer a collaborative partner when seeking professional services,” says Jim Jimenez, Partner at SSAE 16 Professionals. “SSAE 16 Professionals offers the ultimate value proposition: competitive fees coupled with unparalleled client service and expertise”.
A SSAE 16 (SOC 1) audit:
- is designed to help your users’ (customers’) auditors assess control risk, plan the audit and design procedures in conjunction with their financial statement audits, including internal controls over financial reporting (ICFR)
- provides user auditors a common vehicle to gain an understanding of your control environment without performing independent procedures at your organization
- is primarily a report from a “service auditor” to a “user auditor” on management´s description of relevant internal control structure elements
For companies providing services that do not impact their clients´ ICFR, the AICPA has issued an Interpretation under AT Section 101 permitting service auditors to issue reports. These reports will now be considered SOC 2 or SOC 3 reports and focus on controls at a service organization relevant to the following principles:
- Security: The system is protected against unauthorized access (both physical and logical)
- Availability: The system is available for operation and use as committed or agreed
- Processing Integrity: System processing is complete, accurate, timely, and authorized
- Confidentiality: Information designated as confidential is protected as committed or agreed
- Privacy: Personal information is collected, used, retained, disclosed, and destroyed in conformity with the commitments in the entity´s privacy notice and with criteria set forth in generally accepted privacy principles issued by the AICPA and CICA
About SSAE 16 Professionals, LLP
SSAE 16 Professionals, LLP is a leading provider that specializes solely in SSAE 16 readiness reviews, SSAE 16 Type I Reports, SSAE 16 Type II Reports, and other IT audit and compliance reports. Each of our professionals has over 10 years of relevant experience at “Big 4” and other large international or regional accounting firms. Each professional is certified as a CPA (Certified Public Accountant), CISA (Certified Information Systems Auditor), CIA (Certified Internal Auditor), CISSP (Certified Information Systems Security Professional), CRISC (Certified in Risk and Information Systems Control) and/or MBA (Master of Business Administration). For more information, please visit http://www.ssae16professionals.com.
For the original version on PRWeb visit: http://www.prweb.com/releases/prwebssae16/soc2/prweb10778031.htm