When user organizations outsource business functions to a service provider, the risks of the service organization become risks of the user entities. Organizations that use service providers want to ensure the integrity and security of the system and company to which they are entrusting their data. Accordingly, user organizations are increasingly demanding that their service providers undergo an audit that ensures the effectiveness and reliability of their control environment. The result of such an audit, called a SSAE 16 examination, is the issuance of a Service Organization Control (SOC) report by a third party auditor. I will leverage my extensive experience to help you avoid common pitfalls that occur in SSAE 16 engagements. I make specific recommendations to address potential shortfalls in the existing internal control environment. And, using a technology biased approach, I will help you identify and implement solutions to address the control deficiencies so that you will go into the audit armed with a sound, fully documented internal control framework. The SSAE 16 Preparation Program is one of the most fundamentally important steps that you can take to help ensure that your org