Services
Services
SOC & Attestations
SOC & Attestations
Payment Card Assessments
Payment Card Assessments
ISO Certifications
ISO Certifications
Privacy Assessments
Privacy Assessments
Federal Assessments
Federal Assessments
Healthcare Assessments
Healthcare Assessments
Penetration Testing
Penetration Testing
Cybersecurity Assessments
Cybersecurity Assessments
Crypto and Digital Trust
Crypto and Digital Trust
Schellman Training
Schellman Training
Industry Solutions
Industry Solutions
Cloud Computing & Data Centers
Cloud Computing & Data Centers
Financial Services & Fintech
Financial Services & Fintech
Healthcare
Healthcare
Payment Card Processing
Payment Card Processing
US Government
US Government
Learning Center
Learning Center
Articles
Articles
Whitepapers
Whitepapers
Case Studies
Case Studies
Events & Live Webinars
Events & Live Webinars
On-Demand Webinars
On-Demand Webinars
About Us
About Us
Leadership Team
Leadership Team
Careers
Careers
Corporate Social Responsibility
Corporate Social Responsibility

The Schellman Blog

Stay up to date with the latest compliance news from the Schellman blog.

Blog Feature

SOC | News | SSAE 16 / ISAE 3402 | SOC 1

By: RYAN BUCKNER
January 16th, 2017

Originally published in Accounting Today Simply put, SSAE No 18 is the standard which recodifies all the previous attestation standards. It is the culmination of the efforts to clarify the various standards for performing attestation engagements, which includes among many others, SOC 1 (commonly referred to as SSAE No. 16) and SOC 2 and SOC 3 (AT Section 101), into a single set of standards for the auditors.

Blog Feature

SOC | FAQs | SSAE 16 / ISAE 3402

By: Schellman
December 14th, 2015

The International Auditing and Assurance Standards Board’s (IAASB) International Standard on Assurance Engagements (ISAE) 3402, Assurance Reports on Controls at a Service Organization, became effective in 2011. The standard allows accounting firms to issue attestation reports on user entities’ internal control over financial reporting for service organizations that have international operations..

Blog Feature

SOC | SSAE 16 / ISAE 3402

By: LAUREN EDMONDS
July 20th, 2015

Can I include multiple subservice organizations within my SOC 1?

Blog Feature

SOC | SSAE 16 / ISAE 3402

By: Schellman
May 7th, 2014

As an audit firm, we are frequently contacted by service organizations that know they need a SOC report (usually by way of a client request), but don’t know where to begin. With that in mind, I have broken down the process of obtaining a SOC report into five simple steps:  

Blog Feature

SSAE 16 / ISAE 3402 | ISO 27001 / 27002

By: RYAN MACKIE
April 26th, 2012

My organization is seeking ISO 27001 certification but we outsource physical hosting to a third-party. How do I have to include that organization in the scope of my Information Security Management System (ISMS) when we are not responsible for those physical and environmental controls?

Blog Feature

SOC | SSAE 16 / ISAE 3402

By: Schellman
July 15th, 2011

Schellman’s Doug Barbin was the featured speaker for Compliance Week’s podcast on SSAE 16.