Are You Prepared for the New SSAE Standard? – Resources to Help You
Statement of Standards for Attestation Engagements (SSAE) No. 18 – Attestation Standards: Clarification and Recodification, went into effect on May 1, 2017. This post is the first in a four-part series on the changes that will accompany this new standard, and what practitioners and service organizations need to know to ensure continued compliance.
With the issuance of SSAE No. 18, practitioners and service organizations need to be aware of multiple changes the new standard requires for attestation engagements, as well as the enhanced requirements being placed on auditors. Among the updates, practitioners must commit greater attention to risk assessment concerns, and auditors must now evaluate the completeness and accuracy of the information provided by the entity (IPE), similar to the PCAOB’s standards for Sarbanes-Oxley compliance.
Below we’ve compiled a selection of our most helpful resources to help you navigate the changes that accompany SSAE 18 and the way they will directly affect System and Organization Controls (SOC) report requirements.
- IT Insights – SSAE No. 18 – This document reviews in detail each of the 3 components SSAE 18 incorporates: common concepts, levels of service and subject matter.
- IT Insights – TSP Criteria Updates – This document discusses the most recent update to Trust Services Principles (TSP) section 100 criteria used to obtain assurance over outsourced services that are relevant to user entities, but not financial in nature.
To make sure you’re prepared for the new SSAE standard, Weaver’s short SOC quiz will help you determine which type of SOC report is best suited for your organization.