Service Organization Controls (SOC) 1 / SSAE 16 Examination
The SOC 1 / SSAE 16 report provides assurance regarding the controls at a service organization relevant to the user entities’ internal control over financial reporting, set forth by the Statement on Standards for Attestation Engagements No. 16 (SSAE 16), which focuses on internal controls at service organizations that affect their clients’ financial statements.
Obtaining a SOC 1 /SSAE 16 report differentiates your service organization by demonstrating the establishment of effectively designed controls and subsequently providing your customers with the peace of mind to engage with your organization.
About the SOC 1 / SSAE 16 Report
A SOC 1 / SSAE 16 report attests to a service organization’s internal controls which affect their clients’ financial reporting.
Two types of SOC 1 / SSAE 16 reports exist:
- Type 1 – The Type 1 report focuses on management’s description of the service organization’s system as well as the suitability of the design of its controls and their ability to achieve the related control objectives. A Type 1 reports on a service organization’s controls as of a specific date in time.
- Type 2 – The Type 2 report provides the same components as a Type 1 report with the addition of an opinion on the operating effectiveness of the controls to achieve the related control objectives. A Type 2 report also includes a detailed description of the service auditor’s tests of the operating effectiveness of the controls and the results of those tests. A Type 2 reports on a service organization’s controls over the course of a specific review period.
What the SOC 1 / SSAE 16 Report Includes
A SOC 1 / SSAE 16 examination includes the following deliverables:
- A-lign’s opinion on management’s assertion
- Detailed system description
- Management’s assertion
- Management’s control objectives
- Management’s control activities
- A-lign’s testing and results of control activities (Type 2 only)
SOC 1 / SSAE 16 Readiness Assessment
A-lign also provides a SOC 1 / SSAE 16 Readiness Assessment, which affords service organizations the opportunity to ensure they are prepared prior to the official engagement.
Benefits of Obtaining a SOC 1 / SSAE 16 Report
There are many reasons for a service organization to obtain a SOC 1 / SSAE 16 report. A SOC 1 / SSAE 16 report allows user auditors to reduce the amount of audit testing and rely on the service auditor’s report regarding the internal controls at the service organization. Other benefits include:
- A competitive advantage against similar service organizations who have not received a SOC 1 / SSAE 16 report
- Meet contractual requirements
- Controls benchmarking
- Revenue growth due to an increase in clientele
- Higher client satisfaction due to a sense of security over sensitive information
Why Choose A-lign?
What sets A-lign aside from the rest is our highly skilled team. Our team consists of former “Big 4″ executives, who have served on the FICPA Board of Governors, and assisted in the development of the AICPA SOC School Curriculum. Other attributes that set us aside include:
- A-lign professionals have performed over 3,500 SOC 1 / SSAE 16 audits for firms in a variety of industries
- Our customer service is unparalleled in our industry. A-lign will be with your company every step of the way, making for a smooth and stress-free process
- A-lign’s leadership possesses over 20 years of experience in the SOC 1 / SSAE 16 assurance industry
Check out the SOC Discussion Forum to find out more about the SOC 1 / SSAE 16 Examination process:
- How SOC Audits Can Help Save on Errors & Omissions Insurance
- Does Your SOC Report Address Subservice Organizations Using the Carve Out or Inclusive Method?
- SOC Vendor Due Diligence for Title Agencies