SSAE 18 is the Statement on Standards for Attestation Engagements No. 18. It was developed by the American Institute of Certified Public Accountants (AICPA). That organization also oversees the System and Organization Controls (SOC) framework. This framework defines the controls and policies you need for compliance with SOC1, SOC 2 and their variants.
SSAE 18 provides enhancements to its predecessor, SSAE 16. The changes focus on improving the quality and usability of SOC reports. In addition, SSAE 18 intends to make organizations more directly responsible for third-party relationship risk assessment and management. Auditors use this Statement to guide creation of SOC 1 audit reports, as they did with its predecessor.
Trustero Compliance as a Service (CaaS) is cloud-based, easy-to-use compliance automation software. The solution is designed to simplify SOC 2 audit readiness and enable continuous compliance. For example, the Trustero platform includes auditor-approved controls and auditor-vetted policy templates. It also performs automated evidence gathering and validity testing. And it provides AI-powered recommendations for manual evidence gathering and testing. These features help reduce the risks of failing a SOC 2 audit, and make completing an SSAE 18 easier for you and your auditor.
Trustero CaaS also integrates with leading Software as a Service (SaaS) tools and platforms. In addition, the Trustero solution constantly monitors your technology infrastructure and can notify administrators when an element falls out of SOC 2 compliance. Regular and on-demand reports of your compliance posture help you achieve and sustain continued compliance. These and other features enable consistent access to accurate, up-to-date information about your environment. This helps you and your auditor craft and complete all compliance-related documentation more quickly, easily, and credibly.