Andesa Services, Inc. announced today that it has completed a SSAE 16 examination conducted by the certified public accounting (CPA) firm, McKonly & Asbury, LLP.
As a result of the independent third-party examination, Andesa provides assurance to its clients that both its business process and information technology controls were suitably designed and operated effectively for the period October 1, 2010 through September 30, 2011.
The American Institute of Certified Public Accountants (AICPA) recently published a new attestation standard – Statement on Standards for Attestation Engagements (SSAE) No. 16 – to supersede the previous Statement of Auditing Standard (SAS) 70 guidance for performing an examination of a service organization’s controls and processes. A CPA firm utilizes SSAE 16 guidance to deliver a Service Organization Controls 1 Report (SOC 1), which is a report on controls at a service organization that are relevant to user entities’ internal control over financial reporting. The SOC 1 report serves as the successor to the SAS 70 report in both intent and purpose. The change in standards was made to introduce new reporting requirements for service organizations while also illustrating an adoption and convergence of accounting standards between the U.S. based framework and the globally accepted principle for reporting on controls at service organizations.
The report provides a thorough examination of the design and operating effectiveness of Andesa’s internal controls as they relate to the financial reporting of user organizations. Its scope covers relevant aspects of the control environment, including: computer and data center operations, business transaction processing, physical and environmental security, network security, logical access, the Software Development Life Cycle (SDLC), and change management controls.
“SSAE 16 helps illustrate to our clients that we employ sound operational processes and controls in both business processing services and technology management,” noted Rick Kendall, Andesa’s Chief Technology Officer. “This assessment supports each of our client’s internal control environments as it relates to financial reporting.”