PCI DSS 4.0 - Are You Ready? Get a Discount on a Readiness Assessment - Learn More
Green check mark.
Author Picture
Listen to: "SSAE 16 Checklist"

This SSAE 16 checklist is geared towards service organizations that have never undergone a SSAE 16 audit. The information below contains some suggestions and things to think about before selecting a vendor for the SSAE 16 audit.

Do Your Research.

You may have reviewed our website, so you have begun the process of researching an SSAE 16 and the responsibilities that come with undergoing the audit. We suggest to research as much information as you can, perhaps even to log on to the AICPA website for details information on the SSAE 16 audit.

Find a Few CPA Firms Who Specialize In Performing an SSAE 16 Audit.

You will want to research a couple of firms who are experienced and capable of guiding you through the audit and signing off on your SSAE 16 Report, which only licensed CPA firms are permitted to do. This process should be handled with the utmost care as you are putting a lot of trust into the company you choose. They make or break you!

Some Things to Consider:

  1. The size of your company – you may not be able to afford a large CPA firm.
  2. The clientele you are attracting – you may want to select a firm who understands your service and industry.
  3. Total SSAE 16’s or past SAS 70’s performed – you do not want to use a company who has never done such work in the past, unless they are comprised of former employees of another firm, and may have started their own firm.
  4. The methodology employed – You will want to interview the companies and gain comfort around their methods, and ensure you are comfortable with their responses and your research. An on-site meeting or conference call is suggested.

Narrow Your Search.

  • Based upon how you feel about each company, the people, the methodology, their previous experience, and of course, cost; you should narrow down your search to the top one or two companies you are looking to engage.
  • Pricing for an SSAE 16 audit can vary greatly depending upon the company performing the work and the size of your organization; however, don’t expect to pay any less than $13,000.00 for the audit.
  • You should look for a fixed rate fee so there is no potential for the audit firm to raise its rates on you as the project progresses.

Define the Scope.

Once you have engaged a firm to perform the work, make sure that you define the scope of the audit early on in the process. Not doing so could lead to excessive delays and potential cost overrun

Define Your Control Objectives and Activities.

In conjunction with your CPA firm, define the controls to be tested and make sure that they have been reviewed by process owners and any of the stakeholders at the CPA firm who may be reviewing and/or signing off on the report to ensure everyone is in agreement.

These steps will set you on your way to getting your SSAE 16 started and should help guide you through some of the challenges of the process. Once you have completed all of the steps we have suggested, you should be able to rely on the knowledge of your CPA firm to take you through a successful audit.

If you have any questions, or need to learn more about IS Partners, LLC and our experiences surrounding the SSAE 16, please contact us at (215)-675-1400 or e-mail us at [email protected]

Continue onto the next blog in this series: SSAE 16 Checklist

Get a Quote Try our Compliance Checker

About The Author

Get Hassle-free Pricing in 3 Easy Steps

Request a quote using the form below
Allow us to create a customized plan
We'll get you an accurate, no-obligation quote
Untitled-1 Asset 1 Request a Quote Background

Request a Quote

Please fill out the form below and one of our compliance specialists will contact you shortly. Want to speak to us now? Call us at (866) 335-6235 or book a meeting with one of our experts.

Request a Quote (Keep)

I.S. Partners is serious about privacy. We will never share your information with third parties. Please read our Privacy Policy for more information.


Great companies think alike!

Join hundreds of other companies that trust I.S. Partners for their compliance, attestation and security needs.

Teladoc VeriClaim DentaQuest VisioNet Verifacts Sterling AV Med DOE Legal