SSAE 16 Type 1 reports are often looked upon as a "stepping stone" to its big brother, SSAE 16 Type 2 reports. And while the SAS 70 auditing standard is no longer with us, SSAE 16 reporting does share many similarities with the now defunct, historical third-party reporting standard, most notably that there are fundamentally two (2) type of SSAE 16 reports; SSAE 16 Type 1 and SSAE 16 Type 2. But changes have been brought about from the passing of the torch from SAS 70 to SSAE 16, thus take note of the following 5 important things you need to know about SSAE 16 Type 1 reporting.
SSAE no. 16 audits, which technically stand for "Statement on Standards for Attestation Engagements no. 16", include a healthy laundry list of items within an actual report (Type 1 and Type 2), so it's important to gain a stronger understanding of these items if your organization is seeking to become SSAE 16 compliant. And by the way, there's also a quick learning curve to get over regarding the alphabet of compliance reporting, which includes a number of different reports and their respective names. So let's get started with an in-depth examination of what's included in an SSAE no. 16 audit.
The SOC 1 Report option is fast becoming the global de facto standard for reporting on controls at service organizations in today's growing regulatory compliance environment. With the SAS 70 auditing standard finally being superseded and effectively replaced by the new Service Organization Control (SOC) framework, there's 5 important things that every service organization should know about regarding the SOC 1 report option. Learn more about NDB's complimentary SOC 1 Policy Packets and SOC 2 Policy Packets. They truly make a big difference in helping service organizations save thousands of dollars on SOC compliance
SSAE 16 Type 1 and Type 2 reporting for payroll providers and check processing companies have a close relationship indeed, as many organizations outsource these critical and material functions to service organizations who provide the following services:
• Traditional payroll processing ,which includes the entire lifecycle of the processing platform itself, such as setting up new clients into a specified system, obtaining recurring payroll data, and then facilitating the disbursement of funds (both electronically and hard copy checks) to designated employees within a given company.
• Third-party provider of printing and mailing hard-copy checks, and related documentation.
• All other "subservice organizations" that perform critical services for the actual primary service organization (i.e., the payroll company).