SSAE 18 – SOC Audit and Attestation Services

SSAE 18 – SOC AUDIT AND ATTESTATION SERVICES

Organizations continue to outsource parts of their business to realize potential cost benefits, to alleviate the need for hiring or retaining internal specialists and/or to create more flexibility to realize their business strategy.

Customer need assurance over the services that they outsource. SSAE reports provide assurance that the controls are in place at the vendor organization that are beyond financial controls like system and data protection controls.

SOC 2 report demonstrates the independent auditor’s review of controls implemented at the Service Organization to mitigate these risks effectively.

AICPA introduced various types of SOC reports that meet the requirements of the engagement.

SOC 1

  • Mainly Financial Related and Operational Controls
  • Controls that may affect financial statement

SOC 2

  • Trust Principles
  • Defined list of criteria
  • Restricted Use

SOC 3

  • Trust Principles
  • Can be Shared with General Public and on the website

Assurance reports play an important role in management control. In the USA, the new SSAE 18 standard was introduced in 2016 and implemented in 2017.

RayTex IT Services

Our experienced consultants help you achieve readiness before the audit with an effective gap analysis and gap filling advisory. Years of experience in implementation of process and technology best practices enable us to help organizations implement SOC control requirements and meet auditor expectations effectively.
RayTex partnered with an AICPA registered CPA for providing audit and attestation services. Please call us for more information and we will be happy to help you understand more about our SOC audit / attestation services.