SSAE 18 (SSAE 16) Preparation Tips
This tip is focused on designing controls that reflect the process being testing, if they don’t, a headache of massive proportions will be created once
This tip is focused on designing controls that reflect the process being testing, if they don’t, a headache of massive proportions will be created once
A SOC 1 Report (System and Organization Controls Report) is a report on Controls at a Service Organization which are relevant to user entities’ internal
Some organizations have heard of SAS 70, SSAE 16, and now SSAE 18, but, haven’t seen the value, other than because one of their customer
I’ve been hearing from various people in the marketplace that they were interested in learning about some steps, at a high level, that they need
If you have never been audited before, as is the case with many service organizations, you are probably wondering what kind of documentation will I need to give the auditors?
Controls at a Service Organization refer to the controls that are in place at your company. Many of these controls should be covered within your policies and procedures, as they
SOC 2 – CC6.3 The entity authorizes, modifies, or removes access to data, software, functions, and other protected information assets based on roles, responsibilities, or the system design and changes,
I’ve been hearing from various people in the marketplace that they were interested in learning about some steps, at a high level, that they need to take to get off
There are significant differences between a Type I and Type II report, however, we aren’t going to discuss that here, thats for another day. We will discuss the basics of
This tip is focused on designing controls that reflect the process being testing, if they don’t, a headache of massive proportions will be created once testing begins. What do you