SSAE 16 Professionals, LLP Enhances Website to Educate Clients About SSAE 16 (SOC 1) and SOC 2 Audits
When asked about SSAE 16 (SOC 1) or SOC 2 audits, there is still some confusion about what is involved and whether it is necessary. SSAE 16 Professionals enhanced website answers these questions and more.
(PRWEB) June 26, 2013
- are designed to help user (customer) auditor assess control risk, plan the audit and design procedures in conjunction with their financial statement audits
- provide user auditors a common vehicle to gain an understanding of your control environment without performing independent procedures at your organization
- are primarily a report from a “service auditor” to a “user auditor” on management’s description of relevant internal control structure elements
“Most business executives prefer a collaborative partner when seeking professional services,” says Jim Jimenez, Partner at SSAE 16 Professionals. “SSAE 16 Professionals offers the ultimate value proposition: competitive fees coupled with unparalleled client service and expertise.”
Many first time auditees choose to first undergo a SSAE 16 (SOC 1) or SOC 2 readiness assessment. SSAE 16 (SOC 1) or SOC 2 readiness assessments are consulting engagements that are designed to assist service organizations in assessing their preparedness for a SSAE 16 audit. The deliverable for a readiness assessment is a gap matrix which identifies controls that would pass right away, controls that would partially fail, and controls that would fail and require remediation.
SSAE 16 (SOC 1) and SOC 2 Type I and Type II Audits
In addition to readiness assessments, SSAE 16 Professionals completes both SSAE 16 (SOC 1) and SOC 2 Type I and Type II Audits:
- A Type I is an audit on policies and procedures placed in operation as of a specified point in time. SSAE 16 (SOC 1) and SOC 2 Type I audits evaluate the design effectiveness of a service provider’s controls and then confirms that these controls have been placed in operation as of a specific date.
- A Type I is an audit on policies and procedures placed in operation and tests of operating effectiveness for a period of time. Type II audits include the examination and confirmation steps involved in a Type I examination plus include an evaluation of the effectiveness of the controls for a period of at least six calendar months. Most user organizations require their service provider to undergo the Type II level examination for the greater level of assurance it provides.
SSAE 16 (SOC 1) and SOC 2 audits are beneficial because:
- Financial Audit Requirement by SEC – Auditors of your Clients will increase their scrutiny of the “system of internal control” during their audits of the financial statements (Sarbanes-Oxley) – which will result in more requests for your SSAE 16 report.
- Marketing and Competitive Advantage – SSAE 16 can be a key differentiator to prospective clients.
- One Time Audit – Avoids user auditors (auditors of your clients) continuously contacting service organization personnel for separate audits throughout the year. Rather, service organization clients request and rely on the SSAE 16 report.
About SSAE 16 Professionals
SSAE 16 Professionals, LLP is a leading PCAOB registered accounting firm that specializes in SSAE 16 (SOC 1) and SOC 2 audits, SSAE 16 (SOC 1) and SOC 2 readiness reviews, and other IT audit and compliance reports. Each of our professionals has over 10 years of relevant experience at “Big 4” and other large international or regional accounting firms. Each professional is certified as a CPA (Certified Public Accountant), CISA (Certified Information Systems Auditor), CIA (Certified Internal Auditor), CISSP (Certified Information Systems Security Professional), CRISC (Certified in Risk and Information Systems Control) and/or MBA (Master of Business Administration). For more information, please visit http://www.SSAE16Professionals.com.
For the original version on PRWeb visit: http://www.prweb.com/releases/ssae16/ssae16audit/prweb10871827.htm