SSAE 16 Type-1 & Type-II Audits & certification are done for service Organizations involved in back office processing of transactions and call center activities on behalf of their US Principals which are mandated to comply with SOX regulation in the US .
- Pre-audit readiness assessment.
- Evaluate the Control environment, risk assessment, control activities, monitoring & communication.
- Conduct Type -1 Audit on the process & IT General control Design effectiveness and issuing the report on a specific date.
- Conduct Type II Audit on the Process & IT General control operating effectiveness once in 6 months or one year and issuing report.
About SSAE 16 SOC I
SSAE 16 (formerly SAS 70) – is an internationally recognized third party assurance audit designed for service organizations. Standards for Attestation Engagements No. 16 (SSAE 16 or SOC 1) effectively replaced SAS 70 on June 15, 2011. SAS 70 the early version of the service auditors report become the most widely accepted compliance initiative that provides service organizations a benchmark to compare their internal controls and processes against industry best practices.
Why Irisk ?
- Deep Knowledge in BPO industry business processes
- Deep understanding of regulations such as HIPAA, HITECH, PII, SOX
- Expertise in Enterprise Information Security
- High quality deliverables
- Insightful consulting advice
- Meeting project deadlines and expectations
- Very reasonably priced
Other Benefits of a SSAE 16 ( SOC1 ) Report:
- Instant credibility
- Third party perception
- Confirmation that controls, procedures, and process are in place as management intends
- Independent assessment of controls
- Potential to grow market share
- Reduction of third party self-assessment questionnaires
- One audit report can satisfy multiple customers
As a large majority of audits are technical in nature, Irisk engages auditors with certifications such as CISA, CISSP, CISM, CIA in addition to CPAs onsite to complete your company’s audit.