askrenes
asked on
SSAE 16 and Confidentiality
I understand the purpose and scope of an SSAE 16 audit and why a company would want to be accredited with one. However, because the audit report contains such confidential information, many companies (Google comes to mind) refuse to provide it to even their most highly regarded customers. Are they obtaining it just to say that they have it? And in circumstances like this, what's preventing anyone from just claiming they have had one completed (and then making the confidential argument when an inquiry is made)?
http://www.ssae16.org/faq/does-our-organization-become-ssae-16-qcertifiedq.html
ASKER
That doesn't exactly answer my questions. What's preventing anyone from just claiming they have had one completed (and then making the confidential argument when an inquiry is made)?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.