Frequently Asked Questions

SSAE 16 Terminology – Carve-out Method

When performing a SSAE 16 Review, you will be inundated with various terms that you may have never heard of before. We plan on continuing with a serious of posts

SOC 2 Cheat Sheet

Unlock your understanding of SOC 2 with this cheat sheet by SANS. Ideal for auditors, executives, and sales professionals. Download now

SSAE 16 Terminology – Criteria

Criteria, as defined by the SSAE 18 (formerly SSAE 16) guidance are: The standards or benchmarks used to measure and present the subject matter and against which the service auditor

Firewall Controls in SOC 1 and 2: A Practical Example

Another series we will have periodic posts about will be related to potential controls that would be expected to be in place, almost regardless of the entity in question. This

SSAE 16, The New Standard

So you have been performing a SAS 70 for the last couple years, or, are getting ready prepared to embark on your first SAS 70, and all of a sudden

Transition Blueprint: Navigating from SSAE 18 to the New SSAE 22

SSAE 22 was issued a couple years ago, back in December 2020, to supersede AT-C section 210 with three primary changes, apply to both SOC 1 and SOC 2: Description

SSAE-18 FAQ

What is SSAE 18 (formerly SSAE 16)?

When is SSAE-18 Effective?

How many updates to SOC 1 have their been?

Are Third Party Vendor reviews required for SOC 1 and SOC 2?

Are Representation Letters Required in SSAE 18?

SSAE 18 FAQ / Complete List

SOC 1 FAQ

SOC1 vs SOC2: Differences?

How long does a SOC 1 take to complete?

SOC 1 or HITRUST?

What is SSAE 18 (formerly SSAE 16)?

SOC 1 FAQ / Complete List

SOC 2 FAQ

What is covered in the Availability criteria?

How often is a SOC 2 audit required?

Are Third Party Vendor reviews required for SOC 1 and SOC 2?

How does a company get SOC 2 certified?

Can I fail a SOC 2 audit?

SOC1 vs SOC2: Differences?

We have a SOC 2. How much effort is GDPR?

What are the costs of SOC 2?

SOC 2 FAQ / Complete List

Get Our Emails

Popular Resources