OtherInternational
SSAE 18 — Attestation Standards (SOC Reporting)
Statement on Standards for Attestation Engagements No. 18 (SSAE 18) provides the framework for SOC (System and Organization Controls) reporting engagements.
Domains
SOC 1 — Internal Controls over Financial Reporting
SOC 2 — Additional Trust Services Categories
SOC 2 — Logical and Physical Access Controls
SOC 2 — Security (Common Criteria)
SOC 2 — System Operations and Change Management
Compare SSAE 18 — Attestation Standards (SOC Reporting)
SSAE 18 — Attestation Standards (SOC Reporting) vs ISO 27001:2022View comparison →SSAE 18 — Attestation Standards (SOC Reporting) vs SOC 2View comparison →SSAE 18 — Attestation Standards (SOC Reporting) vs NIST CSF 2.0View comparison →SSAE 18 — Attestation Standards (SOC Reporting) vs GDPRView comparison →SSAE 18 — Attestation Standards (SOC Reporting) vs HIPAAView comparison →SSAE 18 — Attestation Standards (SOC Reporting) vs PCI DSS 4.0View comparison →
SSAE 18 — Attestation Standards (SOC Reporting) by Industry
SSAE 18 — Attestation Standards (SOC Reporting) for Healthcare→SSAE 18 — Attestation Standards (SOC Reporting) for Financial Services→SSAE 18 — Attestation Standards (SOC Reporting) for Technology→SSAE 18 — Attestation Standards (SOC Reporting) for Government→SSAE 18 — Attestation Standards (SOC Reporting) for Manufacturing→SSAE 18 — Attestation Standards (SOC Reporting) for Energy→SSAE 18 — Attestation Standards (SOC Reporting) for Retail→SSAE 18 — Attestation Standards (SOC Reporting) for Education→
SSAE 18 — Attestation Standards (SOC Reporting) by Role
SSAE 18 — Attestation Standards (SOC Reporting) for CISOs→SSAE 18 — Attestation Standards (SOC Reporting) for Compliance Officers→SSAE 18 — Attestation Standards (SOC Reporting) for Risk Managers→SSAE 18 — Attestation Standards (SOC Reporting) for IT Directors→SSAE 18 — Attestation Standards (SOC Reporting) for DPOs→SSAE 18 — Attestation Standards (SOC Reporting) for Auditors→
Frequently Asked Questions
What is SSAE 18?
Statement on Standards for Attestation Engagements No. 18 (SSAE 18) provides the framework for SOC (System and Organization Controls) reporting engagements.
How many controls does SSAE 18 have?
SSAE 18 contains 47 controls organized across 5 domains.
Where does SSAE 18 apply?
SSAE 18 is applicable in International. Organizations operating in or serving customers in this jurisdiction should evaluate its requirements.
What frameworks does SSAE 18 map to?
SSAE 18 has control-to-control mappings with 594 other compliance frameworks in our database. Use our compliance platform to explore these mappings interactively.
How do I get started with SSAE 18 compliance?
Start by understanding the framework's key controls and domains. Our compliance platform provides AI-powered gap analysis and mapping tools to help you assess your current posture and build a remediation plan.
How ready are you for SSAE 18 — Attestation Standards (SOC Reporting)?
Answer 25 questions and get a professional readiness report with gap analysis, maturity scores, and prioritised action items. Results in 5 minutes.