Drata Logo Dark (New)
  • Product
  • Resources
  • Alliances
  • Customers
  • Company
    Sign inGet Started
  • Sign in
  • Get Started
HomeCompliance GlossaryWhat is SSAE 16?

What is SSAE 16?

The Statement on Standards for Attestation Engagements No. 16 (SSAE 16) is a set of auditing standards and guidance published by the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (AICPA).


Auditors use SSAE 16 as a guide when creating two specific audit reports: The first is a snapshot to reflect the status of an organization’s controls on a particular day, and the second is to incorporate historical data that reflects how controls have changed over time. Auditing standards, like SSAE 16, are used by auditors to guide the discovery of controls, including security controls, in all types of organizations, such as data centers, internet service providers (ISPs) and other entities that incorporate information security controls. The use of such standards is important in order to help both organizations and auditors in demonstrating information security compliance with regulations, such as Sarbanes-Oxley.


Clients use the SSAE 16 standard to pursue a SOC 1 report.

Join the Thousands of Companies that Trust Drata

See All Case Studies
Wiz logo 2
Airbase
TaskRabbit Logo
BambooHR Logo
Clearbit Logo
Superhuman
Alteryx logo
Lemonade Logo
Notion Logo
Vercel Logo
Wordpress VIP
Calendly Logo

View Drata Glossary

Learn more about other compliance and cybersecurity concepts in our glossary.

Read More

Solutions

StartupMid-MarketEnterpriseDrata PlatformIntegrations
Frameworks
SOC 2ISO 27001HIPAAGDPRNIST AI Risk ManagementFedRAMPNIS 2Custom FrameworksAll Frameworks
Resources
BlogEventsWebinarsReportsSOC 2 HubISO 27001 HubProduct UpdatesCompliance GlossaryAPI Documentation
Company
CareersCustomersAuditorsPartnersPressContact UsLegal
Trust
Security and ComplianceTrust CenterSystem StatusAccessibility

Drata Logo Light

© 2025 Drata Inc. All rights reserved.

|Privacy Notice|Legal