ūüď£ Live webinar on June 12! Introducing Perks & Offers ‚ÄĒ exclusive discounts from TaxDome partners! Register here

TaxDome wins Comprehensive Firm Workflow Solutions ‚ÄĒ CPA Practice Advisor Readers‚Äô Choice Awards 2024 [Read more]

ūüĒ• Join in-depth webinars to get up to speed on automations, invoicing and team collaboration [Learn more]

SSAE-16 SOC 1 Compliance

What does SSAE-16 SOC 1 Type 2 mean?

SSAE-16 SOC 1 Type 2 is an AICPA auditing report that details how businesses should develop and implement their financial reporting procedures over time. SSAE-16 SOC 1 Type 2 stands for Standards of Attestations Engagement No. 16, System and Organizations Controls Report 1, Type 2.

How is SOC 1 Type 2 compliance determined?

In order for an organization to meet SOC 1 Type 2 compliance, they must provide detailed data that specifically shows how their financial reporting practices are created and executed over a certain period of time. This timeframe is typically in the 6-12 month range. An independent auditor usually prepares this report and carries out all of the required examinations. Noncompliance with SOC 1 Type 2 does not result in penalties, but poor results might lead to customers avoiding an organization due to financial reporting flaws.

How does SOC 1 Type 2 data center and cloud hosting work?

Systems and Organizations Controls Report¬†1, Type 2¬†is one of¬†the numerous auditing standards that we¬†use with our data centers and for accounts that host systems and software related to¬†internal controls for financial reporting. TaxDome Cloud accounts can be¬†used to¬†safely run software and store all of¬†your organization’s data, just like a¬†standard computer or¬†server does. These activities are run directly in¬†the Cloud within a¬†256-bit AES encrypted, Amazon AWS account.

How can I audit and maintain compliance with SOC 1 Type 2?

The TaxDome team regularly audits all TaxDome accounts adhering to the SOC 1 Type 2 and other SSAE-16 standards.

Are there additional compliance standards similar to SOC 1 Type 2?

Yes, Systems and Organizations Controls Report 1¬†is one of¬†three SSAE-16 auditing standards that are typically used to¬†audit data centers. SOC 1¬†is the only one that directly addresses an¬†organization’s financial reporting practices. The additional two SOC reports, SOC 2¬†& 3, focus more on¬†how organizations handle non-financial reporting procedures such as¬†data security, system processing, server uptimes, and data processing. These are the additional compliance standards that are most similar to¬†SOC 1¬†Type¬†2.