SSAE18 SOC Security Policy Solutions

Simplify SSAE16/SSAE18 SOC I & II Audits

The SSAE18 SOC is a well-recognized standard published by the American Institute of Certified Public Accountants. The SSAE18 (formerly SSAE16 and SAS 70) is used to provide third-party validation of the internal controls of service organizations, and allows them to disclose control activities and processes to their customers and auditors in a uniform reporting format.

Unlike other auditing standards, SSAE18 does not specify a required set of control objectives and is therefore not a “checklist” audit. Therefore, written policies are critical to formally document an organization’s internal controls, and can become the basis for the evaluation by external auditors. Like COBIT, SSAE18 can include many other controls beyond information security. However, a significant component of a SSAE18 audit involves the evaluation of information security controls.

Develop SOC II Security Policies Quickly

Information Security Policies Made Easy

One of the key pieces of documentary evidence for a SOC II report is a comprehensive set of written information security policies.  Information Security Policies Made Easy provides complete security policy coverage for over 200 information security and data privacy topics.   Save time and money developing policies by customizing our library of over 40 expert-written information security policy templates, all mapped to multiple regulations using our Common Policy Library.  Don’t reinvent the wheel!  Our policy templates have been used by over 10,000 organization in 60 countries.

» Learn More  » Request a Sample


Define and Track an Information Security Control Framework

IT Security Made Easy

Use ComplianceShield to help automate every aspect of your information security program.   Our easy-to-use software tool helps define, deliver and demonstrate a cyber security program that addresses key management controls in a fraction of the time of traditional systems.  Use our built-in Control Baselines to define the elements of your program in minutes instead of weeks.  Once defined, ComplianceShield enables you to track, measure, verify and share results with auditors and third-parties.

» Learn More  » Request a Free Demo


Get Expert Cyber Security Help

Virtual CSO On Demand Why struggle with managing compliance?   Use one of our “on-demand” Chief Information Security Officers to guide you every step of the way.  If you do not have the budget to hire a full-time CSO, consider an experienced member of our CSO team.   Each team member is a certified Information security professional (CISSP, CISA, CISM) with many years of practical experience.   Whether you need a lot of help or just part-time guidance, our team can help you accomplish your goals at a fraction of the cost.

» Learn More  » Request FREE Phone Consultation


Want to Talk?

We love speaking to real customers on the phone.   Please call or email to setup a FREE 30 Minute phone consultation.  Let one of our cyber security experts point you in the right direction.  Contact us today!