SSAE 16/SOC 1 Readiness Assessment

The SSAE 16/SOC 1 Readiness Assessment is designed to help determine your organization's readiness to undertake a successful SSAE 16/SOC 1 Exam ("SAS 70 Audit"). The assessment identifies and recommends those controls and safeguards that have to be improved or implemented prior to a Type 1 or Type 2 Exam.

A SSAE 16/SOC 1 Exam ("SAS 70 Audit") Type 1 or 2 is necessary to keep your third-party service organization competitive in today's world, as you are required to assure clients that you have sufficient controls and safeguards in place for hosting or processing their data. You can use the final SSAE 16/SOC 1 Exam report ("SAS 70 Audit") as a:

  • benchmarking tool to monitor current standards of controls and safeguards, as well as internal audit exercises;
  • quality assurance tool to demonstrate to clients that you are meeting their control needs; or,
  • resource for clients or prospects performing due diligence over the service organization.

When to Consider a Readiness Assessment

  • In advance of a Type 1 or Type 2 SSAE 16/SOC 1 Exam ("SAS 70 Audit")
  • As an internal-use-only report to identify existing control deficiencies
  • As a cost-effective means to gauge your readiness for an upcoming service audit
  • Prior to a service audit that includes IT as an integral part

Benefits of a SSAE 16/SOC 1 Exam Readiness Assessment

  • Familiarizing personnel with SSAE 16/SOC 1 Exam ("SAS 70 Audit") methodology
  • Educating your organization as to the commitment and resources required for a successful Type 1 or Type 2 SSAE 16/SOC 1 Exam ("SAS 70 Audit")
  • Having an internal report for management to analyze the basis for an improved control structure
  • Providing management an opportunity to rectify control deficiencies with a fresh, risk-based outlook
  • Giving your organization preparation time to address deficiencies in the control structure
  • Allowing your organization to obtain immediate answers from SSAE 16/SOC 1 Exam professionals regarding the impact of the changes to the controls and services that may affect the result of the engagement
  • Defining the scope of the SSAE 16/SOC 1 Exam ("SAS 70 Audit") through refinement of the results of the Readiness Assessment engagement


  • A comprehensive project plan for the engagement
  • Detailed questionnaires and information checklists to help personnel gather necessary information prior to the actual fieldwork
  • A detailed internal report containing recommendations for implementation
  • Other specific requirements that are related to the SSAE 16/SOC 1 Exam standards
  • Identification of existing controls for reevaluation
  • Observation of other deficiencies or gaps noted during the assessment