With all the cyber threats today, organizations need to be assured that they’re working with reputable vendors who operate in a secure manner and maintain protected systems. One way to provide this assurance is to apply for SSAE 16 examination.
InfoSight Inc. is proud to announce the successful completion of a Statements on Standards for Attestation Engagements No.16 (SSAE 16) Type II examination, formally known as a Report on Controls at a Service Organization (SOC 1), performed by independent CPA firm BrightLine CPAs & Associates, Inc.
The Statement on Standards for Attestation Engagements no. 16 (SSAE 16), Reporting on Controls at a Service Organization (AICPA, Professional Standards, AT sec. 801), is an attestation standard that establishes the requirements and guidance for reporting on controls at a service organization, like InfoSight Inc., relevant to the user entities’ internal control over financial reporting.
The controls addressed in SSAE 16 are those that a service organization implements to prevent, detect and/or correct, errors or omissions in the information it provides to user entities. It was set into motion by replacing the SAS 70 auditing standard in June 15, 2011, which solely focused on a description of controls, whereas SSAE 16 is required to describe its system. This more expansive and comprehensive assertion requires a written statement, unlike its predecessor, which must be crafted by management to be included in the system’s description.
The service auditors evaluated the design and operating effectiveness engagement of description of our system (Type II), which is the information technology, policies and procedures, and processes in place to provide the services we yield. These controls and systems include our risk management practices, information and communication practices, monitoring practices, and the IT systems and processes involved in supporting our operational activities.
Because we work with organizations that operate under federal and state compliance requirements, we feel it’s necessary to assure our customers that we’re secure. Having this assessment conducted not only offers our customers peace of mind, but it displays our commitment to quality and responsibility.
There are many benefits of having an SSAE 16 assertion completed, as would be the ability to perform outsourcing services for public companies and have year-round access to trusted, independent auditors who will review our controls and activities to ensure our customers we function appropriately. Ultimately, this creates a better, more reliable work environment where accountability in our performance is key.
So now, our clients can feel more at ease as they trust us with their cyber security assessments, DDOS defense, data loss prevention, vulnerability management, IT infrastructure and so much more.