Abacus Completes SSAE 18 / SOC 1 Type II Certification
Abacus is excited to announce that we have completed our Service Organization Controls (SSAE 18 / SOC 1) examination under Statement on Standards for Attestation Engagements No. 18 (AT-C Section 320), Reporting on an Examination of Controls at a Service Organization Relevant to User Entities’ Internal Control Over Financial Reporting of the AICPA, which was performed by an independent auditing firm.
Security has always been at the forefront of how we build Abacus and how we select our integration partners. You and your employees entrust us with sensitive information, and we are continually striving to improve and expand our approach to securing that data.
The examination included Abacus’ controls related to the services it provides to our customers when those controls are likely to be relevant to their internal control over financial reporting. The examination included our controls related to IT systems and operations.
About SSAE 18 / SOC 1
SSAE 18 / SOC 1 is designated by the U.S. Securities and Exchange Commission (SEC) as an acceptable method for a user entity’s management to obtain assurance about service organization internal controls without conducting additional assessments. In addition, the requirements of Section 404 of the Sarbanes-Oxley Act of 2002 make SSAE 18 reports even more important to the process of reporting on effective internal controls by public companies.
A SSAE 18 / SOC 1 examination represents that a service organization has been through an evaluation of their control activities as they relate to an audit of the financial statements of its customers. A Type II report not only includes the service organization’s system description, but also includes detailed testing of the design and operating effectiveness of the service organization’s controls.
Completion of the SSAE 18 / SOC 1 Type II examination is another example of our commitment to you and your employees’ data security.