How do I get SSAE 16 certified?

SSAE 16 is designed for service organizations and is often required by the client in order to gain insight into the company. This certification is gained after a company has had an audit of internal controls at a service organization that may relate to their client’s internal control over financial reporting.

What does SSAE 16 stand for?

The Statement on Standards for Attestation Engagements No. 16 (SSAE 16) is a set of standards developed specifically for certified public accountants (CPAs) to evaluate an entity’s internal controls and the impact a service organization may have on the entity’s control environment.

What is SOX compliant?

The Basics of SOX Compliance While the details of the Sarbanes-Oxley Act are complex, “SOX compliance” refers to the annual audit in which a public company is obligated to provide proof of accurate, data-secured financial reporting.

What is the latest Ssae report?

The AICPA has replaced the audit standard known as SSAE 16 with a new standard effective for report dates on or after May 1, 2017. This new standard, known as SSAE 18, is designed to address and clarify concerns over the clarity, length and complexity of the many other AICPA standards.

What is an SSAE engagement?

Statement on Standards for Attestation Engagement (SSAE) 18 is an American auditing standard issued by the American Institute of Certified Public Accountants (AIPCA). The SSAE 18 standard is used to produce System and Organization Controls (SOC) reports.

Who needs a SSAE 16 audit?

Who Needs an SSAE 16 (SOC 1) Audit? If your Company (the ‘Service Organization’) performs outsourced services that affect the financial statements of another Company (the ‘User Organization’), you will more than likely be asked to provide an SSAE16 Type II Report, especially if the User Organization is publicly traded.

What is a SSAE 16 SOC 1 report?

A SOC 1 Report (System and Organization Controls Report) is a report on Controls at a Service Organization which are relevant to user entities’ internal control over financial reporting.

What is the difference between SOC 1 and SSAE 16?

It is important to note that the SSAE 16 standard was specific to service organizations and the SSAE 18 is for all attestation engagements which essentially means that referring to a SOC 1 as an SSAE 16 examination will go away and will not be replaced by the term SSAE 18 examination but will be referred to simply as the SOC 1. What Is SOC 1?

What are the new SSAE-18 requirements?

The SSAE-18 requirements are now effective as of May 1, 2017 and bring new changes you can learn about here on our SSAE 18 Report overview page. SSAE 18 is a series of enhancements aimed to increase the usefulness and quality of SOC reports, now, superseding SSAE 16, and, obviously the relic of audit reports, SAS 70.

What are the SSAE 16 reporting requirements for data centers?

According to AICPA, the SSAE 16 requires companies, like data centers, to provide a written report that describes any and all controls at organizations that provide services to customers when those controls are likely to be relevant to user entities internal control over financial reporting.