SSAE 16 and SSAE 18 Audits bring tons of questions. In this section we hope to answer some questions we frequently come across during our calls and client interactions.
[qa]
SOC Reporting Guide
The first difference between the SSAE 16 and ISAE 3402 Standards is that SSAE 16 requires the service auditor to assess the risk associated with potential “Intentional Acts by Service
So you have been performing a SAS 70 for the last couple years, or, are getting ready prepared to embark on your first SAS 70, and all of a sudden
SSAE 18 is a series of enhancements aimed to increase the usefulness and quality of SOC reports, now, superseding SSAE 16, and, obviously the relic of audit reports, SAS 70.
There are significant differences between a Type I and Type II report, however, we aren’t going to discuss that here, thats for another day. We will discuss the basics of
When performing a SSAE 16 Review, you will be inundated with various terms that you may have never heard of before. We plan on continuing with a serious of posts
SANS put together a great overview of SOC 2 terminology, report structure breakdown, and process in their signature cheat sheet format. This is a great document to keep handy if