Back to top

Litigation & Forensic Services

Collaborative Family Law

Service Organization (SSAE 16)

Service organizations provide a wide range of services to their clients. These organizations include payroll, billing, and credit processing organizations, insurance and medical claim processors, hosted data centers, and application service providers. Service organizations are facing increased pressure to provide independent, third party assurance of adequate controls and safeguards governing their services. This assurance has become a contractual requirement for doing business for many service organizations.

If you are a service organization that processes financial transactions, hosts financial data, or performs other significant services that can have a direct impact on a customer’s financial statements, a service organization control report (typically referred to as a SSAE 16 or SOC report) prepared by Mallah Furman will allow you to demonstrate to your customers and your customers’ auditors that your organization’s internal controls, applications and processes are appropriately designed and operating effectively.

The benefits of a SSAE 16 report are as follows:

  • Provides independent verification of effectively designed control objectives and control activities.
  • Satisfies customer audit requirements, Sarbanes Oxley (SOX) Sec. 404 requirements, and other regulatory requirements.
  • Satisfies contractual requirements.
  • Demonstrates a committed investment in mitigating customers’ exposure to risk.
  • Provides a competitive advantage in a crowded market of service providers.

We provide various type of service organization control reports, including SOC 1 reports (which has replace the SAS 70 standard for reporting on controls over financial reporting), or a SOC 2 or SOC 3 report to demonstrate the strength of your non-financial controls to management, suppliers, business partners, and customers. Our extensive audit and assurance knowledge, along with our solid SAS 70 experience, extensive SOX work, and IT and internal controls consulting expertise demonstrate the strength and range of our SOC reporting services. In addition to our reports on the engagement, we also identify the root cause of systemic breakdowns and offer our recommendations for practical solutions to improve an organization’s internal controls and operating efficiencies.