SSAE 16,
SOC 1 & SOC 2

Due to growing concerns over the security of customer information and data, service organizations are often asked to demonstrate that adequate controls and safeguards in place.

Contact Us

Due to growing concerns over the security of customer information and data, service organizations are often asked to demonstrate that adequate controls and safeguards in place.

SSAE 16

Due to growing concerns over the security of customer information and data, service organizations are often asked to demonstrate that adequate controls and safeguards in place. The SSAE 16 audit includes a review of controls over transaction processing, security, data hosting and other related processes.

Organizations that may need a SSAE 16 audit include:

  • Third-party, outsourcing vendors providing services to the healthcare and financial services industries
  • Credit processing organizations and clearinghouses
  • Medical claims processors
  • Payroll companies and third-party administrators
  • Insurance claim processing organizations

SOC I

If you are a service organization handling information that may have an impact on your clients’ financial

If you are a service organization handling information that may have an impact on your clients’ financial reporting, you may be requested to obtain a SOC 1 report. This report can provide assurance to outside parties that your organization has been through an in-depth audit of control objectives and activities by an independent accounting and auditing firm.

Our SOC 1 compliance services and audit report is based on AICPA guidelines and includes:

SOC 2

SOC 2 compliance is vital to safeguarding data and proving to your clients that your organization protects their information by following specific governance, operational and information technology control objectives. A SOC 2 report can address one or more of the AICPA’s Trust Services Criteria: security, confidentiality, availability, processing integrity and privacy standards.

Our SOC 2 compliance services and audit report evaluates seven categories:

  • Organization and management
  • Communications
  • Risk management and design and implementation of controls
  • Monitoring of controls
  • Logical and physical access controls
  • System operations
  • Change management

Our SOC 2 compliance services and audit report is based on AICPA guidelines and includes:

  • Evaluation of documented policies and procedures
  • Assessments of key operational controls related to the accuracy of financial data and information technology general controls
  • Evaluation of the design of controls as of a point in time (Type 1)
  • Formal testing of operating effectiveness of controls over a period of time (Type 2)
  • Independent SOC 2 audit report providing an opinion on the controls evaluated

Continue the Conversation with Our Team
Get in touch with us.

Contact Us

Related Insights

View More Insights