View CartView Cart

QuestionsContact Us

Services

We are a team of professionals providing consulting services to companies across variety of industries. We assist with managing, coordinating and executing control assurance efforts, assessing application security, mitigating deficiencies, streamlining compliance efforts through efficiencies, evaluating risks and providing solutions that bring value. Below is a brief overview of our core services.

Services

Statement on Standards for Attestation Engagements (SSAE) 18 and International Standard on Assurance Engagements (ISAE) 3402 and Related Control Services

We offer assistance in managing the execution and delivery of the Statement on Standards for Attestation Engagements (SSAE) 18 and International Standard on Assurance Engagements (ISAE) 3402 (formerly known as SAS 70) reports intended for use by management of the service organization, its current user organizations, and the independent auditors of such user organizations, including:
  • Coordination of the readiness assessments and the execution of the related procedures.
  • Evaluation of business process and technology controls within the context of reports to provide a clear picture of the control environment.
  • Assisting management by drafting the description of controls (creating the report narratives and control matrices).
  • Mapping the control activities to the respective control objectives.
  • Execution of the testing procedures (description of controls placed in operation, executing and documenting tests of operating effectiveness and the results of such tests).
  • Performing gap assessments and identifying alternatives for management to consider to remediate the control gaps.
  • Assisting management by identifying relevant user control considerations.
  • Quality control and review and the delivery of the final report.

We also help companies ascertain the reliability and the integrity of the processing environment at their service organization(s), specifically:
  • Assess significance of internal controls at the service organization to the entity’s internal control and the relevance to the audit.
  • Determine whether the SAR (Service Auditors' Report) is satisfactory for organizations' audit purposes and sufficient to meet their audit objectives.
  • Review test procedures and conclusions on operating effectiveness of the controls at the service organization over a specific period of time to gain assurance that service organization provides adequate protection surrounding the processing of company’s data.
  • Assess audit implications of any deficiencies reported in the SAR and their effect on the audit and the entity’s internal control.
  • Determine whether there is a need to obtain additional audit evidence about the operating effectiveness of controls at the service organization.