Statement on Standards for Attestation Engagements 16 is a regulation put in place by the AICPA (American Institute of Certified Public Accountants) to define and update how compliance controls are reported by service companies. The audit is made up of two parts:
A SOC 1 Report (Service Organization Controls Report) is a report on Controls at a Service Organization which are relevant to user entities' internal control over financial reporting. The report focuses on a description of a service organization’s system and on the suitability of the design of its controls to achieve the related control objectives included in the description, as of a specified date.
Service Organization Controls 2 are strict regulations designed by the AICPA, covered under SSAE 16, to ensure that technology-based service providers have proper systems in place to protect client information and data. This report contains a statement of assertion and description of the following, in regards to an organization’s control system:
• Security This addresses protection against both physical and logical unauthorized access.
• Availability This pertains to the system’s availability for operation and use as previously agreed.
• Processing Integrity This ensures system processing is authorized, complete, accurate and timely.
• Confidentiality The protection of information that is confidential, as committed or agreed.
• Privacy This regulation ensures personal information is collected, used, retained and disclosed in accordance to the organizations’ privacy notice, as well as the privacy principles of the AICPA and CICA.
What this means to you
Escrow Options Group is proud to adhere to a variety of regulations under SSAE 16 to keep your escrow transactions running safely and securely. When you open escrow with us, you can be sure that all the necessary internal controls that ensure the security, privacy and integrity of your sensitive information are secure.