Learn More

Fill out the form for more information,
or call 1-800-726-3339

Are you a student? Complete the academic form instead.

This form collects your name, email, and phone number so that we can provide you with additional information requested. For more about where, how, and why we store your data, please read our Privacy Policy

Communication Preferences


What does SSAE-16 SOC 3 mean and how is SSAE-16 SOC 3 compliance determined?

SSAE-16 SOCSSAE-16 SOC 3 stands for Standards of Attestations Engagement No. 16, System and Organizations Controls Report 3. This AICPA-developed report assesses how well an organization is handling its system processing, data security, system privacy, data confidentiality and data processing over an extended period of time.

Organizations seeking to be SOC 3-compliant must use independent auditors to audit their servers to analyze how they’re abiding by AICPA’s Trust Services Principles. These principles cover factors related to data processing, data security, system privacy, and data confidentiality.

How does SSAE-16 SOC 3 data center and cloud hosting work?

It’s good to think of Private Cloud accounts as virtual computers that allow you to run programs and store data in an encrypted environment that you can access with multiple devices anytime, anywhere. Our team audits all Private Cloud accounts to ensure SOC 3 compliance, and all accounts implement SOC 3-friendly safeguards such as 256-bit AES encryption, SSL-A rated data centers, two-factor authentication, and five layers of physical and data security.

How can I audit and maintain compliance with SSAE-16 SOC 3?

Our Private Cloud hosting team engages independent auditors to analyze the health, security and operability of our international network of data centers. Once testing is completed, you can request SOC 3 reports from our team to distribute to inquiring customers and clients.

What other compliance standards are similar to SSAE-16 SOC 3?

SOC 3 is one of three SSAE-16 auditing standards that have been developed by the AICPA. The others are SOC 1, which analyzes an organization’s financial reporting controls; and SOC 2, which tests the same criteria as SOC 3 does. Unlike SOC 2 Type 2 reports, which are geared for management teams with sophisticated technological knowledge, SOC 3 results are freely-distributable reports that are designed for a more general audience in mind.

Are there Abacus clients that are SSAE-16 SOC 2 Type 2 compliant today?

Absolutely! Contact our Private Cloud hosting team today to learn more about how we can help ensure your server and account safeguards can be up to par with SOC 3 requirements.


Additional Resources

  1. AICPA - Trust Services and Information Integrity
  2. AICPA.org - Comparison of SOC 1, SOC 2 and SOC 3 Reports