SSAE 16 SOC 1 Type 2 reports are being issued at a feverish pace these days, thanks in large part to the launch of the American Institute of Certified Public Accountants' (AICPA) Service Organization Control (SOC) reporting framework, which consists of SOC 1, SOC 2 and SOC 3 reporting options. In today's alphabet world of regulatory compliance mandates, it's vitally important you learn about SSAE 16 SOC 1 Type 2 reports, thus take note of the following 5 points:
1. Say Hello to SSAE 16 and Goodbye to SAS 70. Statement on Auditing Standards No. 70 (SAS 70) was a widely used reporting tool for service organizations all throughout the globe. However, the migration towards more globally accepted accounting principles has put SAS 70 in the rearview mirror, with ISAE 3402 and SSAE 16 racing down the regulatory compliance highway together at full speed.
2. It's time to learn about "SOC". In an effort to create more value, transparency and awareness on service organization reporting, the AICPA launched the comprehensive Service Organization Control (SOC) framework, for which organizations can opt for SOC 1, SOC 2, and SOC 3 reporting.
3. Let's unravel the SSAE 16 Alphabet. SSAE 16 officially stands for Statement on Standards for Attestation Engagements No. 16, which technically falls under the AICPA SOC 1 platform, for which there are two (2) types of reports; a Type 1or a Type 2. Got it!
5. SSAE 16 SOC 1 Type 2 reports also bring into play other issues. The "Internal Audit Function", the concept of "Monitoring" and "Subservice Organization Reporting" are all important provisions for SSAE 16 SOC 1 Type 2 reports. Learn more about NDNB's complimentary SOC 1 Policy Packets and SOC 2 Policy Packets. They truly make a big difference in helping service organizations save thousands of dollars on SOC compliance