Compliance White Papers

Taking the hassle out of staying compliant

Get A Fixed Fee Quote Today Request a Free Quote

SSAE 16 SOC 1 Type 2 reports are being issued at a feverish pace these days, thanks in large part to the launch of the American Institute of Certified Public Accountants' (AICPA) Service Organization Control (SOC) reporting framework, which consists of SOC 1, SOC 2 and SOC 3 reporting options.  In today's alphabet world of regulatory compliance mandates, it's vitally important you learn about SSAE 16 SOC 1 Type 2 reports, thus take note of the following 5 points:

1.  Say Hello to SSAE 16 and Goodbye to SAS 70.  Statement on Auditing Standards No. 70 (SAS 70) was a widely used reporting tool for service organizations all throughout the globe. However, the migration towards more globally accepted accounting principles has put SAS 70 in the rearview mirror, with ISAE 3402 and SSAE 16 racing down the regulatory compliance highway together at full speed.

2. It's time to learn about "SOC". In an effort to create more value, transparency and awareness on service organization reporting, the AICPA launched the comprehensive Service Organization Control (SOC) framework, for which organizations can opt for SOC 1, SOC 2, and SOC 3 reporting.

3. Let's unravel the SSAE 16 Alphabet. SSAE 16 officially stands for Statement on Standards for Attestation Engagements No. 16, which technically falls under the AICPA SOC 1 platform, for which there are two (2) types of reports; a Type 1or a Type 2. Got it!

4. SSAE 16 imposes new requirements for reporting.  Specifically, management must develop a "description of its system" and provide a "written statement of assertion".

5. SSAE 16 SOC 1 Type 2 reports also bring into play other issues.  The "Internal Audit Function", the concept of "Monitoring" and "Subservice Organization Reporting" are all important provisions for SSAE 16 SOC 1 Type 2 reports.  Learn more about NDNB's complimentary SOC 1 Policy Packets and SOC 2 Policy PacketsThey truly make a big difference in helping service organizations save thousands of dollars on SOC compliance

Services organization seeking to undergo SSAE 16 SOC 1 Type 2 compliance would highly benefit from a Readiness Assessment along with additional consultative services to better determine one’s reporting needs.  To learn more and obtain a competitive, fixed-fee regarding SSAE 16 compliance, contact Charles Denyer at 1-800-277-5415, ext. 705 or via email at This email address is being protected from spambots. You need JavaScript enabled to view it..

Since 2006, NDNB has been setting the standard for security & compliance regulations