Reason for the Engagement
Organizations are reliant on external parties to host their computer system/networks and in some cased handle their business operations. A SSAE 16 audit is used to provide assurance that an adequate control structure has been established and is operating effectiveley. User organizations are in the position to escalate their concerns to the Service Organization of the quality of these reports. However, most user organizations do not have the technical expertise to adequately review these SSAE 16 audit to determine whether they meet their requirements. Audit Serve provides the service to review these audit reports and provide an assessment of whether it meets your organization's requirements.
Potential Scope Areas
- Determine whether scope of SSAE 16/SAS 70 meets requirements of the organizaton
- Determine whether controls established are adequate
Determine whether test approach are constructed to adequately validate the effectiveness of the controls
- Assess whether internal control have been established within the user organization which meet the controls specified within the user consideration section of the SSAE 16 report
Contact Mitch Levine, Audit Serve Levinemh@auditserve.com and he will contact you to establish a proposal which scales the engagement to the requirements of your organization.