Top 5 Reasons to Get an SSAE 16 (f. SAS 70) Report
So, you have a current customer or client asking whether you have completed an SSAE 16 examination. Now you may have some basic questions such as the following: What is an SSAE 16 audit report? A Type II SSAE 16 report is an independent report on the design and operating effectiveness of key controls at a service organization. SSAE 16s were formerly called SAS 70s. What is a service...
Read MoreSSAE 16/SOC 1 (f. SAS 70) Reports Greater or Less Than 12 Months
A question that comes up periodically with both new and existing clients is whether service auditor examinations (eg, SSAE 16) reports can cover periods outside of the 12 month norm. The answer to this question is yes and it is somewhat common for several reasons. First, service organizations that have not undergone a service auditor examination before will often start out with either a...
Read MoreIt’s 10 O’Clock: Do You Know Where Your Data Is? – Basic Questions For Your Cloud Providers
As more widespread adoption of cloud computing takes place, many companies are trying to determine whether it can effectively work for them. The value proposition is simple: focus on what your company does best and leave the constant upgrading, patching, and maintaining of IT systems to someone else. In 2009, the City of Los Angeles faced a $400 million deficit. As a result of the deficit, the...
Read MoreData Analytics as an Audit Tool
Data analytics is defined as the process of inspecting, cleaning, transforming, and modeling data with the goal of highlighting useful information, suggesting conclusions, and supporting decision making. Common uses of data analytics: Customer resource management (CRM) – Analytics can help companies monitor and understand customer actions and create more targeted advertising and...
Read MoreGap or Bridge Letters
Astute observers will note that most SSAE 16/SOC 1 reports often cover only a portion of the user’s organizations calendar or fiscal year. For example, a report may have a coverage date of October 1, 2011 through September 30, 2012. If the user organization has a calendar year end, what do they do to get comfort about the controls for the last three months of the year? The answer is...
Read MoreSecurity – Don’t Neglect the Basics
Our firm has examined a wide variety of clients in a number of different industries. Considering the criticality of many client systems and networks, it is interesting that some companies neglect the basics that help ensure the security of their data. The following tips are by no means inclusive of all of the security precautions your company should be taking, but they are a start. Ensure the...
Read MoreAbout Linford & Company
We are specialists in the performance of SSAE 16/SOC 1, SOC 2, and royalty audits across technical disciplines. We issue SSAE 16/SOC 1 and SOC 2 reports for a wide variety of service organizations that go to many of the largest user organizations in the world. We also perform royalty audits on some of the largest consumer brands in the world.
 |
Follow us on our blog where we provide information about our firm, insight on guidance relevant to our services. |
 |
Subscribe to our newsletter. |