SSAE16 ( SOC1 )

More information


About SSAE16 SOC1

SSAE 16 (formerly SAS 70) – is an internationally recognized third party assurance audit designed for service organizations. Standards for Attestation Engagements No. 16 (SSAE 16 or SOC 1) effectively replaced SAS 70 on June 15, 2011. SAS 70 the early version of the service auditors report become the most widely accepted compliance initiative that provides service organizations a benchmark to compare their internal controls and processes against industry best practices. SSAE 16 has many similar requirements to it's predecessor (SAS 70) however there are a few differences that service organizations should be aware of.

Why do Service Organizations Obtain a SSAE 16 Audit?

There are many reasons why a service organization may decide to obtain a SSAE 16 report, however due to the increased regulatory oversight of the Sarbanes Oxley act, many customers are now requiring their service organization to obtain a SSAE 16 report.

Why Organizations Become SSAE 16 Compliant.

Outside of customer requests, our clients choose to obtain a SSAE 16 report to provide their customers with confidence and to differentiate them from the competition. Additionally many service organizations are audited by several companies during the course of the year. A SSAE 16 audit can eliminate additional customer audits and self-assessment questionnaires.

SSAE 16 Examination Services:

  • SSAE 16 Readiness Assessment- is an audit designed for organizations preparing for their first SSAE 16 audit. Organizations who have not formally evaluated their internal controls often start with a SSAE 16 Readiness Assessment.
  • SSAE 16 Transition Services - for organizations who currently undergo a SAS 70 audit and want to ensure they will comply with new requirements of SSAE 16.
  • SSAE 16 Type I - provides limited assurance and used to report on the design of controls as of a point in time. Organizations who have policies and procedures in place but want to gain a better understanding of the SSAE 16 requirements often start with a SSAE 16 Type I audit prior to undergoing the SSAE 16 Type II audit.
  • SSAE 16 Type II - provides the highest level of assurance for SSAE 16 audits and reports on the service organizations design of controls and operating effectiveness over a period of time.

Why ControlCase Attestation Services?

  • World class processes
  • High quality deliverables
  • Insightful consulting advice
  • Meeting project deadlines and expectations
  • Reasonably priced

Other Benefits of a SSAE 16 ( SOC1 ) Report:

  • Instant credibility
  • Third party perception
  • Confirmation that controls, procedures, and process are in place as management intends
  • Independent assessment of controls
  • Potential to grow market share
  • Reduction of third party self-assessment questionnaires
  • One audit report can satisfy multiple customers

ControlCase Attestation Services

Our concept is to bridge the gap for our clients from wanting to comply to becoming compliant. We understand the regulatory pressures and the demands of your customers requesting a SSAE 16 reports. Each of our audits are customized and designed to assist your company in a seamless process from the time we initiate the audit to finalizing your SSAE 16 report. All of our auditors have a depth of experience in a variety of industries and we have a good understanding of your business and how this relates to a SSAE 16. Each SSAE 16 report is unique and we provide the necessary related industry knowledge and SSAE 16 expertise to deliver quality audit reports that your customers will accept.

As a large majority of audits are technical in nature, ControlCase Attestation Services will engage auditors with certifications such as CISSP, CISA, CISM, QSA, CIA in addition to CPAs onsite to complete your company’s audit.

Call us today and find out how we can make your SOC 2 audit a successful one.