Looking for SSAE 16 guidelines for helping organizations meet compliance with the new AICPA attest standard that has effectively replaced the longstanding SAS 70 auditing standard? Unsure of what specific requirements organizations must meet for being SSAE 16 compliant? Trust the experts at NDB Accountants & Consultants and learn about five important elements regarding Statement on Standards for Attestation Engagements No. 16.
General SSAE 16 guidelines that service organizations need to know about for ensuring a seamless and efficient transition from the historical SAS 70 auditing standard to the newly adopted SSAE 16 attest standard are the following:
1. Goodbye to SAS 70: After almost 20 years of being the global de facto auditing standard for reporting on controls at service organizations, SAS 70 has been effectively replaced by a new attest standard. Learn about the evolution of this new standard along with its international equivalent, known as ISAE 3402.
2. SSAE 16 Written Statement of Assertion: This assertion was never a requirement for SAS 70, thus you'd be wise to spend time in learning about what's required in this critical document.
3. Description of the "System": Look upon the SSAE 16 description of the "system" as an in-depth and comprehensive illustration of an organization's policies, procedures, processes, and other related activities that are undertaken on a daily basis.
4. SSAE 16 and ICFR: SSAE 16 guidelines state that the use of the SSAE 16 attest standard is for internal controls over financial reporting, more commonly known as the ICFR concept. However, the standard has pushed aside SOC 2 and SOC 3 reporting and is once again, like SAS 70, becoming the de facto standard for reporting on controls.
5. SOC Framework: Service organizations have undergone significant changes in the past 20 years, thus the AICPA undertook comprehensive measures for revamping its platform for reporting on service organizations. The result was Service Organization Control (SOC) reports.
About NDB
NDB Accountants & Consultants (NDB) is a nationally recognized CPA and Advisory firm specializing in the field of regulatory compliance, ranging from SOC Reports (SSAE 16 and AT Section 101 for SOC 1 and SOC 2, respectively), PCI DSS compliance, to HIPAA, FISMA, and GLBA compliance, just to name a select few. The last decade has seen security, governance, and compliance issue permeate all layers of business, due in large part to the Sarbanes Oxley Act of 2002 and various other state and federal laws and regulations. As such, NDB has been on the forefront of many of these compliance initiatives, developing highly efficient and cost-effective auditing methodologies, while providing first-class, resource rich web portals for educational purposes, such as the highly acclaimed SAS 70 Resource Guide, the PCI DSS Resource Guide along with the ISAE 3402 Resource Guide.
###
No comments:
Post a Comment