SSAE 16 compliance places a heavy emphasis on a service organization's core elements of internal control. As such, control activities, a core component of the five elements of Internal control, are the policies and procedures that help ensure management directives are carried out. In short, they help ensure that necessary actions are taken to address the risks that can prevent the achievement of an organization's control objectives.
Control activities occur throughout the organization, at all levels and in all functions and they include a wide range of activities, such as the following:
- Approvals
- Authorizations
- Verification functions and activities
- Reconciliation procedures
- Reviews of operating performance
- Security of assets | segregation of duties
Regarding the five elements of internal control, they are as follows:
- Control Environment
- Risk Assessment
- Control Activities
- Information and Communication
- Monitoring
For purposes of SSAE 16 compliance, each of the five elements of internal control should be thoroughly examined for ensuring a service organization's internal control framework is sufficient for addressing risks that threaten the achievement of control objectives.
NDNB Accountants & Consultants offers SSAE 16 Readiness Assessments for helping gain a greater understanding of one's control environment, deficiencies the exist, and what measures can be taken for implementing a strong and robust set of internal controls.
We also provide competitive, fixed-fee SSAE 16 Type 1 and Type 2 reporting.
Other notable subject matter which may be of interest to you regarding SSAE 16 are the following:
- The evolution of the SSAE 16 Standard
- Requirements for SSAE 16, such as the description of a "system" and the written statement of assertion.
- Understanding the new AICPA SOC Framework.
To learn more about our services, please contact Christopher Nickell, CPA, at 1-800-277-5415, ext. 706.
