NDNB provides industry leading SSAE 18 SOC 1 audits and assessments for business located in Manhattan, New York City, New Jersey, Long Island, Connecticut, and Philadelphia. We’ve been one of North America’s leading providers of regulatory compliance services, offering fixed-fee pricing, superior audit services, along with a household name from coast to coast.  NDNB offers SOC 2 services for businesses using Amazon AWS, Microsoft Azure and Google GCP.  Our SSAE 18 SOC 1 services consist of the following. 

Hosting in Amazon AWS and Need a SOC 1 or SOC 2? Let's Talk.

 aws logo

Fixed Fee Services from Readiness Assessments to Audits

SSAE 18 SOC 1 Scoping & Readiness Assessments: For service organizations new to SSAE 18 SOC 1 reporting, or just need a refresher on assessing their internal control environment, a scoping & readiness assessment is one of the very best activities any business can perform, and for a number of good reasons.

First, you’ll need to gain a strong understanding of scope boundaries for the audit, specifically, what systems, personnel, and business processes will the audit include? Second, once that’s been identified, you’ll need to assess your policies, procedures, and processes related to those controls, and what remediation initiatives will need to be performed.

Policy and Procedures Writing Services: Regulatory compliance – specifically, SSAE 18 SOC 1 compliance – often requires a hefty dose of documentation to be in place. From information security policies and procedures to operational specific materials, you’ll need to be prepared to author essential documents, if not already in place. We provide all of our clients with comprehensive information security policy writing services. It’s just another reason why businesses throughout Manhattan, New York City, New Jersey, Long Island, Connecticut, and Philadelphia choose NDNB.

What is SOC 1 SSAE 18 and Why Policies are Important

Remember something very important. Writing policies and procedures “can” be an extremely time-consuming endeavor, especially if you don’t have the internal resources for such an undertaking. Let NDNB do the heavy-lifting in authoring your information security policies and procedures. We do it all the time for our valued clients.

Also keep in mind that a number of “operational” remediation activities will often be necessary for becoming SOC 2 compliant. Specifically, service organizations will need to perform an annual risk assessment, conduct annual security awareness training, along with developing and documenting a contingency plan for operations. Such measures can take time, luckily NDNB has tools and programs that can sav you dozens of hours and thousands of dollars. Contact Christopher G. Nickell, CPA, at 1-800-277-5415, ext. 706, or email him at This email address is being protected from spambots. You need JavaScript enabled to view it. today to learn more.

Technical Remediation Services: Often times, service organizations will also have to undertake various technical remediation initiatives, such as re-configuring information systems for purposes of ensuring the safety and security of assets. From changing firewall rules to strengthening access rights for users, there’s often much to do in terms of technical remediation.

NDNB offers technical hardening checklists and other helpful documents for both Windows and UNIX/Linux environments for helping clients put in place all necessary controls. While it’s true that SSAE 18 is technically a “financially” driven assessment, there are without question numerous I.T. and security related controls – commonly known “Information Technology General Controls” that are assessed during an audit.

Selection of Vendor Tools and Services: You may find that what’s also needed is an assortment of tools and services for helping ensure compliance is being met. Specifically, from software applications ranging from anti-virus to file integrity monitoring (FIM), along with critical managed services offerings, such as cloud-based web application firewalls to vulnerability scanning, there’s often a lengthy list of tools/services that need to be implemented. NDNB can help charter the waters of vendor compliance, providing you a list of high-quality, cost-effective solutions that are easy-to-deploy and configure. It’s just another reason by companies choose to work with us, and so should you.

The Tri-State Area Leaders for SSAE 18 SOC 1 Audit Services

Why NDNB? Because we offer a complete set of services and solutions for SSAE 18 SOC 1 compliance, beginning with the all-important scoping & readiness assessments to policy and procedures writing, technical remediation, vendor selection for security products, along with SSAE 18 SOC 1 Type 1 and SSAE 18 SOC 1 Type 2 services.

Today’s business landscape is heavily interwoven with regulatory compliance mandates, and it’s why you need a trusted advisor assisting you every step of the way, and that’s NDNB, so contact us today and let’s talk. Contact Christopher G. Nickell, CPA, at 1-800-277-5415, ext. 706, or email him at This email address is being protected from spambots. You need JavaScript enabled to view it. today.