Skip to main content

SOC 1 SSAE 18 Audits & Assessments

SOC 1 SSAE 18 audits and assessments for service organizations

Fixed-Fee SOC 1 SSAE 18 Type 1 and Type 2 Assessments

NDB provides SOC 1 SSAE 18 Type 1 and Type 2 assessments to businesses all throughout the United States, and at competitive, fixed-fee rates. We have been specialists in the regulatory compliance arena for many years, having issued hundreds of former SAS 70 audits reports and current SOC 1 (SSAE 16/SSAE 18) Type 1 and Type 2 reports for a large number of service organizations, ranging from payroll companies to data centers, and so much more.

Statement on Standards for Attestation Engagements (SSAE) No. 18 is effective for reporting audit opinions dated on or after May 1, 2017, and is part of the American Institute of Certified Public Accountants (AICPA) Service Organization Control (SOC) framework. Specifically, SOC 1 Type 1 and Type 2 assessments fall under the SOC 1 reporting option. Thus, it's common to hear people refer to SSAE 18 as "SOC 1" reports.

Request a Consultation

SOC 1 SSAE 18 Reporting

A SOC 1 SSAE 18 Type 1 Report is known as a "Report on management's description of a service organization's system and the suitability of the design of controls," which includes the following subject matter

  • A description of the service organization's "system."
  • A written assertion from management of the service organization that fairly presents the service organization’s system as designed and implemented as of the specified date, and that the controls related to the control objectives stated in the description of the “system” for the service organization were suitably designed to achieve the control objectives as of the specified date.
  • A service auditor’s assurance report.

A SOC 1 SSAE 18 Type 2 Report is known as a "Report on management's description of a service organization's system and the suitability of the design and operating effectiveness of controls," which includes the following subject matter:

  • A description of the service organization's "system."
  • A written assertion from management of the service organization that fairly presents the service organization’s system as designed and implemented throughout the specified period, and that the controls related to the control objectives stated in the description of the “system” for the service organization were suitably designed to achieve the control objectives as of the specified period.
  • A service auditor’s assurance report.

SOC 1 SSAE 18 Resource Guide

To learn more about the AICPA SOC reporting framework, which includes SOC 1, SOC 2 and SOC 3 reporting, please visit the official SOC Report Resource Guide, developed by NDB. Interested parties will find an abundance of information on SOC 1 SSAE 18, such as the following (and much more):

  • Why a New Standard?
  • SOC 1 (SSAE 18) and ICFR
  • SOC 1 vs. SOC 2
  • Description of the System
  • SOC 1 (SSAE 18) Written Statement of Assertion
  • SOC 1 vs SOC 2

Fixed Fee SOC 1 SSAE 18 Type 1 & Type 2

NDB can provide your organization with a competitive, fixed fee for your SOC 1 SSAE 18 Type 1 and Type 2 reports. Please contact us today or call Christopher Nickell at 1-800-277-5415, ext. 706 or at This email address is being protected from spambots. You need JavaScript enabled to view it. to discuss your needs. We're North America's trusted provider of SOC 1 SSAE 18 Type 1 and Type 2 audits and assessments at competitively priced fixed fees, along with offering numerous other regulatory compliance services.