There is no such thing as a SOC or SSAE 16 (known as SOC 1, which is the marketing name for the standard) certification.
Tag: SSAE 16
Testing & Audit Exceptions
If you are reading this article, chances are that your auditor has told you that you have an audit exception or, even worse, multiple “audit exceptions.” Hearing that phrase strikes fear and panic into the hearts of many. While some of those reactions may be justified, I have found that many suffer more than necessary […]
SOC 1 (f. SSAE 16) Review Guidance
Many U.S. companies receive what, until recently, were called SAS 70 audit reports from certain types of vendors.
SOC 1 vs. SOC 2 – What is the Difference and How do you Know What you Need?
Many of our clients and prospects get asked for a “SOC report” without any further clarification. Also, many get asked for a SOC 1 and a SOC 2… so how do they know what they need? Do they need both? Just one? We get these questions all the time, and with a quick conversation, we […]
How Long Does a SOC Examination Take?
We are frequently asked how long it takes to complete a SOC examination. Unfortunately there is not an answer that fits for every examination because every service organization is different. But, if an organization has controls in place the average time taken for a SOC examination is typically one to three months for Type I reports, and six to 12 months for Type II reports. If controls are not in place, the examination can take longer.
Gap or Bridge Letters for SOC 1 Reports
Every year as summer draws to a close, one of the most sought-after topics for discussion that clients, business associates, and others reach out to our firm about is regarding Gap Letters— sometimes called Bridge Letters.
What is a Third Party Administrator (TPA) Audit?
A Third Party Administrator (TPA) is a service organization that provides a variety of services to the insurance industry in accordance with a service agreement.
Need a SOC Report? How To Know Which One Is Best For Your Service Organization
A SOC (System and Organization Controls) report is a report on controls at a service organization related to various types of subject matter, for example: controls that affect user entities’ financial reporting; controls that affect the security, availability, and processing integrity of the systems; or the confidentiality or privacy of the information processed for user entities’ clients.
Findings/Issues in SOC Reports. What Can the Impact Be?
At Linford & Company we perform many SOC 1 (f. SSAE 16) and SOC 2 engagements.
The Advantages of Hiring a Small Firm for Your SOC Audit
At Linford & Company, we fully understand that there are all sizes of companies that complete the kind of audits we do, which include SOC 1 (f. SSAE 16), SOC 2, HIPAA and royalty audits.