KCIC is currently in the midst of our annual SSAE 16 audit. SSAE 16 stands for Statement on Standards for Attestation Engagements No. 16 (SSAE 16) Reporting on Controls at a Service Organization. It was finalized by the Auditing Standards Board of the American Institute of Certified Public Accountants (AICPA) in January 2010. The SSAE 16 audit gives authoritative guidance for reporting on service organizations.
The audit is performed by an accounting firm on an annual basis. The purpose of this audit is to ensure that we have the necessary controls in place to keep our clients’ sensitive data safe and secure. Most companies’ internal auditors require that any organization providing services to the company that has control of certain types of data undergo this type of audit.
Our audit is two parts. The first part looks at our physical security of our office space and the security of our servers and access to the data. The second part audits our procedures for intake and processing of new complaints, invoices, monthly billings and payments.
In the first part, the auditors want to ensure that we have reasonable controls in place so that no unauthorized personnel can enter our physical office space or access our databases and servers. This is to limit the possibility of unexpected changes to our client’s data stored in our office or on our server.
In the second part, the auditors confirm that we have strong procedures in place to ensure all complaints received are processed and the correct people are notified, we pay the correct amount for invoices and settlements and pay the correct people, and that we also bill the insurers properly and accurately account for the payments received for those billings. Once the procedures are verified, the auditors sample our daily and weekly activities so that they can see evidence that our procedures are consistently followed.
Never miss a post. Get Risky Business tips and insights delivered right to your inbox.
Almost time...stop by Table 43 and say hi! pic.twitter.com/pGDTSZLx7X
Didn't catch our webinar on our Bankruptcy Evidence Verification (BEV) tool? Here's a recap. Learn why we created o… https://t.co/NpQElYHPhn
Our data shows that mesothelioma filings seem to be trending down, albeit very slowly. However, many asbestos defen… https://t.co/eQk3dWVYQU
You have thousands of cases and many stakeholders needing to access, update, share, and store the same data. That's… https://t.co/02vBnt0p6u
Last Feb., we wrote about the Maryland asbestos docket and how a recent case that ruled proper application of the S… https://t.co/2Nh7CvabA4
We wish everyone a safe and joyful holiday season! pic.twitter.com/Z79A5DRusD
Having spent much of her career serving clients who are asbestos defendants, Michelle Potter is an authority on the current state of the asbestos litigation industry. At KCIC, her day-to-day role is to manage client relationships and lead projects to develop and implement claims processing procedures and systems, as well as to perform complex analyses of different types of claims and insurance.Learn More About Michelle