NDNBprovides industry leading SSAE 18 SOC 1 audits and assessments for business located in Manhattan, New York City, New Jersey, Long Island, Connecticut, and Philadelphia. We’ve been one of North America’s leading providers of regulatory compliance services, offering fixed-fee pricing, superior audit services, along with a household name from coast to coast. NDNB offers SOC 2 services for businesses using Amazon AWS, Microsoft Azure and Google GCP. Our SSAE 18 SOC 1 services consist of the following.
Hosting in Amazon AWS and Need a SOC 1 or SOC 2? Let's Talk.
Fixed Fee Services from Readiness Assessments to Audits
SSAE 18 SOC 1 Scoping & Readiness Assessments: For service organizations new to SSAE 18 SOC 1 reporting, or just need a refresher on assessing their internal control environment, a scoping & readiness assessment is one of the very best activities any business can perform, and for a number of good reasons.
First, you’ll need to gain a strong understanding of scope boundaries for the audit, specifically, what systems, personnel, and business processes will the audit include? Second, once that’s been identified, you’ll need to assess your policies, procedures, and processes related to those controls, and what remediation initiatives will need to be performed.
Policy and Procedures Writing Services: Regulatory compliance – specifically, SSAE 18 SOC 1 compliance – often requires a hefty dose of documentation to be in place. From information security policies and procedures to operational specific materials, you’ll need to be prepared to author essential documents, if not already in place. We provide all of our clients with comprehensive information security policy writing services. It’s just another reason why businesses throughout Manhattan, New York City, New Jersey, Long Island, Connecticut, and Philadelphia choose NDNB.
Remember something very important. Writing policies and procedures “can” be an extremely time-consuming endeavor, especially if you don’t have the internal resources for such an undertaking. Let NDNB do the heavy-lifting in authoring your information security policies and procedures. We do it all the time for our valued clients.
Technical Remediation Services: Often times, service organizations will also have to undertake various technical remediation initiatives, such as re-configuring information systems for purposes of ensuring the safety and security of assets. From changing firewall rules to strengthening access rights for users, there’s often much to do in terms of technical remediation.
NDNB offers technical hardening checklists and other helpful documents for both Windows and UNIX/Linux environments for helping clients put in place all necessary controls. While it’s true that SSAE 18 is technically a “financially” driven assessment, there are without question numerous I.T. and security related controls – commonly known “Information Technology General Controls” that are assessed during an audit.
Selection of Vendor Tools and Services: You may find that what’s also needed is an assortment of tools and services for helping ensure compliance is being met. Specifically, from software applications ranging from anti-virus to file integrity monitoring (FIM), along with critical managed services offerings, such as cloud-based web application firewalls to vulnerability scanning, there’s often a lengthy list of tools/services that need to be implemented. NDNB can help charter the waters of vendor compliance, providing you a list of high-quality, cost-effective solutions that are easy-to-deploy and configure. It’s just another reason by companies choose to work with us, and so should you.
The Tri-State Area Leaders for SSAE 18 SOC 1 Audit Services
Why NDNB? Because we offer a complete set of services and solutions for SSAE 18 SOC 1 compliance, beginning with the all-important scoping & readiness assessments to policy and procedures writing, technical remediation, vendor selection for security products, along with SSAE 18 SOC 1 Type 1 and SSAE 18 SOC 1 Type 2 services.