The Leader in Software & Facility Security for 1099, W-2, & 1042-S Tax Forms..

(888) PRO-1099

1099 Pro Security

SSAE 16 SOC I Type II Certified

SSAE 16 SOC 1 Type II Security


  • SSAE 16 - Statement on Standards for Attestation Engagements No. 16.
  • SOC I - Service Organization Control Report No. 1
  • Type I - Audit of a system on a specified date
  • Type II - Audit of a system throughout a specified time period


The SSAE 16 is an attestation standard put forth by the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (AICPA).

SSAE 16 SOC I Type II is a high-level security certification requiring a stringent audit process. 1099 Pro’s hosting and data facilities have passed this difficult audit without exception, ensuring that your data is secure when using any of our software or services. The SSAE 16 effectively replaces the SAS 70 for reporting periods ending on or after June 15, 2011.

This standard applies to engagements undertaken by a Service Auditor for reporting on controls at organizations like 1099 Pro which provide services to their customers. The controls in place at service organizations are likely to be relevant to a customer's internal control over financial reporting (ICFR).


The SSAE 16 requires certain enhancements from the SAS 70 report - such as the service organization provide a description of its system. The description should include the services provided, control objectives, supporting processes, policies, procedures, personnel and operational activities that constitute the organization's core activities relevant to its customers.

Additionally, the SSAE 16 requires a Written Assertion by management be provided to the Service Auditor. In this document, management must assert that the system description and control objectives included therein are a fair presentation for the time period specified in the SOC 1 report.

SOC 1 reports are performed and issued under the Statement on Standards for Attestation Engagements No. 16 (SSAE 16) as explained above. The controls addressed in a SOC 1 report are those that a service organization like 1099 Pro implements to prevent, detect and correct errors or omissions in the information it provides to customers.

Type II indicates that the service organization's system was suitably designed to achieve stated control objectives and to operate effectively throughout a specified time period. Type I refers to a system designed for implementation on a specific date, rather than throughout a specified time period.

For further information, or report details, please contact the 1099 Pro Service Bureau.

The Service Bureau
Phone: 866-444-3559