IT service companies who found the SAS 70 Type II audit reports lacking.
SSAE 16 is to be used when an entity outsources "a business task or function and the data resulting from that task of function is incorporated in the (customer's) financial statements." This creates broad applicability to a significant number of service providers from payroll providers, data center collocation providers, IT outsourcing and managed services companies, managed hosting providers, and an ever increasing array of cloud services providers regardless of whether they are Infrastructure as a Service ("IaaS"), Platform as a Service ("PaaS") or Software as a Service ("SaaS").
CounterStrike qualified auditors, all of which have 'big four' audit experience, can either perform Type 1 (only covers the design effectiveness of internal controls) or Type 2 (covers design as well as the operating effectiveness of internal controls over a minimum reporting period of six months) audits and provide credible and well-written reports.
When you know you are ready for a SSAE 16 audit and you would like to combine this with a PCI DSS audit for best efficiency and lower costs, be sure to Contact CounterStrike.