SSAE 16/SAS 70 Report Evaluation Services


Reason for the Engagement

Organizations are reliant on external parties to host their computer system/networks and in some cased handle their business operations.  A SSAE 16 audit is used to provide assurance that an adequate control structure has been established and is operating effectiveley.  User organizations are in the position to escalate their concerns to the Service Organization of the quality of these reports.  However, most user organizations do not have the technical expertise to adequately review these SSAE 16 audit to determine whether they meet their requirements.  Audit Serve provides the service to review these audit reports and provide an assessment of whether it meets your organization's requirements.


Potential Scope Areas


  • Determine whether scope of SSAE 16/SAS 70 meets requirements of the organizaton
  • Determine whether controls established are adequate
  • Determine whether test approach are constructed to adequately validate the effectiveness of the controls
  • Assess whether internal control have been established within the user organization which meet the controls specified within the user consideration section of the SSAE 16 report

Next Steps


Contact Mitch Levine, Audit Serve and he will contact you to establish a proposal which scales the engagement to the requirements of your organization.

AuditNet - The Global Resource for Auditors

Audit Vision

Since 1991
Join 3,500 other subscribers



Free Audit Serve Seminars Posted Online

25 minute extract from the seminar entitled "Alternate Control Design Approaches for z/OS" presented by Mitch Levine in London (at the Churchill War Rooms) March, 2018 which would be of interest to IT Audit, Security and GRC personnel

General Data Protection Regulation Seminar

Copyright © 2015. All Rights Reserved.