SOC Audits

CertMike Explains SOC Audits

What is SSAE 18?

Statement on Standards for Attestation Engagements no. 18 (SSAE 18) is the new "attest" standard put forth by the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (AICPA). The new SSAE 18 standard went into effect for any reports dated after May 1, 2017.

SSAE 18 supersedes SSAE 16, which in turn superseded the SAS 70 audit standard. SSAE 18 combines several prior SSAEs that were not related to SSAE 16. SSAE 16 was specific to SOC 1 reports, which deal with the controls at a service organization that impact the financial reporting of the service organization's customers. By contrast, SSAE 18 refers to many different types of attestation reports, not just SOC 1 reports.

A service auditor's examination performed in accordance with the SSAE 18 standard represents that a service organization has been through an in-depth audit of its control objectives and control activities. SSAE 18 standards are a move toward more globally accepted accounting principles, which is evident when comparing the new U.S. standard from the AICPA to its international equivalent, ISAE 3402, put forth by the International Auditing and Assurance Standards Board (IAASB), a standard-setting board of the International Federation of Accountants (IFAC).

Understanding SOC 1 and SOC 2

SOC 1

SOC 1 is the reporting option for the SSAE 16 professional standard that results in a SOC 1 SSAE 16 Type 1 and/or a SOC 1 SSAE 16 Type 2 report. SSAE 16 is for service organizations that have a credible relationship with Internal Control(s) over Financial Reporting (ICFR).

SOC 2

SOC 2 is the reporting option for companies that use cloud computing to transfer and store data and meet new business models and service types provided by service organizations within the last decade. SOC 2 reporting utilizes the AICPA AT Section 1010 and can be a Type 1 or a Type 2. Additionally, SOC 2 reports comprise five Trust Services Principles (TSP): security, availability, processing integrity, confidentiality, and privacy.
