Why is a SOC 1 Report So Important?
A customer working with your service organization will routinely have their financial statements audited. A Statement on Standards for Attestations Engagements 18 (SSAE 18) Service Organization Control (SOC) 1 report performed by I.S. Partners LLC will give your customer’s auditor the assurance that your service organization’s controls are designed and operating effectively, and that these controls do not negatively impact your customer’s financial statements. A SOC 1 report focuses on both business process controls and information technology controls, and is restricted to use by your existing customers (not potential customers).
What Types of SOC 1 Reports Are Available?
I.S. Partners LLC provides two kinds of SSAE 18 audit reports: Type 1 and Type 2.
- A Type 1 report states an opinion that your organization’s internal control system is designed suitability to achieve the related control objectives on a specified date.
- A Type 2 report contains the same information as a Type 1 report, but with the added testing of the controls to prove their operating effectiveness over a period of time. A Type 2 report describes the testing that is performed and the results of those tests.
What Benefits Will My Company Receive With a SOC 1 Report
Respect and trust regarding implemented internal controls are vital to customers who receive services from your organization. The customer must have assurance that internal control audits affecting their financial reporting are timely and accurate in order to stay in compliance with company policies and government regulations. IS Partners, LLC can attest to your service organization’s internal controls, and will let your customers know that your internal controls are effective.
What is the SSAE 18 Examination?
As the basis for the Service Organization Controls (SOC) 1 report, the Statement on Standards for Attestation Engagements (SSAE) No. 16, which will be replaced by SSAE No. 18 as of May 1, 2017, assures your customers’ auditors that your service organization controls are well-designed and operating smoothly. The SSAE 18 examination helps to build ongoing and long-lasting trust between you and your customer.
How is SSAE 18 Different From SSAE 16?
While the SSAE 16 was specific to SOC 1 audits, SSAE 18 is an umbrella standard that applies to most types of attestation engagements, clarifying and formalizing requirements to enhance their reporting potential. The SSAE 16 examination will no longer be referred to as an SSAE 16 examination but will simply be known as a SOC 1 examination.
What Are the Major Changes in the SSAE 18 Examination?
SSAE 18 features significant changes in the following areas:
- Vendor management
- Risk assessment
- Complementary subservice organization controls
- Data validation
Why is the SSAE 18 Update Important
The SSAE 18 update is important because it responds to the needs of third-party service providers and respective changes in the business environment. Over the past several years, an increasing number of service organizations have completed SOC 1 examinations to satisfy customer demand and industry pressure.
What Benefits Will My Company Receive with the SSAE 18 Changes?
With the changes from SSAE 16 to SSAE 18, your service organization can provide a broad-based, enhanced reporting of your control system, which creates greater assurance for your customers. At I.S. Partners, LLC, we can walk you through the changes and the benefits to your organization and customers.
The I.S. Partners, LLC Seal of Excellence
The I.S. Partners “seal of excellence” is granted to SOC 1 – Type I and Type II recipients with unqualified audit opinions. For Type I recipients, the seal indicates that controls are designed effectively. For Type II recipients, controls are designed and operating effectively. The seal is illustrated on the audit opinion letters and is made available for posting on the recipient’s website and/or marketing literature.