• +1 866 576 4414
  • info@AARC-360.com
  • 3525 Piedmont Rd, 7 Piedmont Center, 3rd Fl Atlanta, GA - 30305
Assurance (SOC 1 / SSAE 16 / SSAE 18 /, SOC 2, PCI DSS Assessment, Agreed - Upon Procedures)
Our Services


Our Assurance services are designed to provide an independent professional opinion with the goal of building trust and improving the information so that your customers, stakeholders and investors can make more informed and better decisions.  Our SSAE 16 / SSAE 18 / SOC 1 and SOC 2 services provide independent and professional opinions that reduce the risk associated with using an outsourced service provider.

Under an assurance engagement (SOC 1 / SSAE 16 / SSAE 18 or SOC 2), we can address a variety of services ranging from information systems security reviews to accounts payable processing to customer satisfaction surveys.  Assurance services can test financial and non-financial information.  Our services while highly structured, can be customized and implemented depending on the size and complexity of our clients’ operations.

Select an Assurance Solution

Service Organizations such as payroll providers, collection agencies, or managed services providers whose services/controls directly or indirectly impact the accuracy of their clients’ financial statements, are required to provide independent assurance to their clients with respect to the effectiveness of the design and operations of such services/controls.  Our SOC 1 / SSAE 16 / SSAE 18 examination services are intended for such service organizations (user entities) and their CPAs that audit the financial statements (user auditors).
Service Organizations such as data center hosting providers, medical records management providers, etc., whose services may impact the security, availability, and processing integrity of the systems the service organization uses to process users’ data and the confidentiality and privacy of the information processed by these systems may be required to provide independent assurance to management or those charged with governance of the user entities and of the service organization, customers of the service organization, regulators, or business partners.  Our SOC 2 examination services, in accordance with the AICPA guidance, are designed to provide that independent assurance against defined criteria around the principles of Security, Availability, Processing Integrity, Confidentiality, or Privacy.
A PCI DSS Assessment is an audit for validating compliance with the Payment Card Industry Data Security Standard (PCI DSS). During the assessment, a PCI Qualified Security Assessor (QSA) determines whether the business has met the PCI DSS 12 requirements, either directly or through a compensating control. AARC-360 is a Qualified Security Assessor (QSA) Company that has been qualified by the PCI Security Standards Council to validate an entity’s adherence to PCI DSS and is authorized to perform assessments and prepare appropriate compliance reports (such as Reports on Compliance (RoC)) required by payment card brands and acquiring banks.
An agreed-upon procedures engagement is one in which we are engaged by a client to issue a report of findings based on specific procedures performed on subject matter.   Because the specified parties require that findings be independently derived, our services are obtained to perform procedures and report on the related findings. We along with the specified parties agree upon the procedures to be performed that the specified parties believe are appropriate.