SSAE 16 OverviewSSAE16

Statement on Standards for Attestation Engagements (SSAE) No. 16, Reporting on Controls at a Service Organization, was finalized by the Auditing Standards Board of the American Institute of Certified Public Accountants (AICPA) in January 2010.  SSAE 16 effectively replaces SAS 70 as the authoritative guidance for reporting on service organizations. SSAE 16 was formally issued in April 2010 with an effective date of June 15, 2011.  

SSAE 16 was drafted with the intention and purpose of updating the US service organization reporting standard so that it mirrors and complies with the new international service organization reporting standard – ISAE 3402.

For service organizations that currently have a SAS 70 service auditor’s examination (“SAS 70 audit”) performed, some changes will be required to effectively reporting under the new SSAE 16 standard.  

Benefits to User Organizations 

User organizations that obtain a Service Auditor's Report from their service organization(s) receive valuable information regarding the service organization's controls and the effectiveness of those controls. The user organization receives a detailed description of the service organization's controls and an independent assessment of whether the controls were placed in operation, suitably designed, and operating effectively (in the case of a Type II report).

User organizations should provide a Service Auditor's Report to their auditors. This will greatly assist the user auditor in planning the audit of the user organization's financial statements. Without a Service Auditor's Report, the user organization would likely have to incur additional costs in sending their auditors to the service organization to perform their procedures.  

For more information about RidgeGarrett Data Center Compliance, contact us. 

Recent RidgeGarrett Data Center Upgrades!
          • NEW-150x150New redundant high-end Juniper MX routers in virtual chassis configuration.
          • 10Gbps Internet connectivity to multiple carriers. 
          • New redundant 8Gbps fiber channel switching fabrics (A & B side fabrics) for storage.
          • New redundant 10Gbps Juniper switches in virtual chassis configuration.
          • New redundant 10Gbps fully-meshed Fortinet FortiGate firewalls.
          • Failover & Data Replication server clusters connect to 4 isolated networks; better isolation and performance:
            • 2 x 10Gbps ports for Virtual Machines (VMs)
            • 2 x 10Gbps ports for vMotion and Fault Tolerant
            • 2 x 1Gbps ports for management
            • 2 x 8Gbps fiber channel ports for storage
          • 5 new SANs added for improved performance and segregation of various spindle types and SSD storage.
          • 1 new SSD SAN with ultra-high performance - best of class 1.3 million IOPS capable.

Also Now Available!  Failover & Data Replication for critical systems.

innovation-execution-results-data-center

RidgeGarrett on Facebook
RidgeGarrett on YouTube
RidgeGarrett on Linkedin
RidgeGarrett on Pinterest
@RidgeGarrett on Twitter
RidgeGarrett on Google+