AUSTIN – RoadVantage, the fastest-growing provider of F&I programs for the automotive industry, today announced the successful completion of its SSAE 16 (SOC 1) Type II audit.

After successfully completing the SSAE 16 Type I audit in December, RoadVantage sought the Type II audit to emphasize its dedication to best practices as the company continues its rapid growth. The third-party audit evaluated the execution of RoadVantage’s operational controls and critical procedures.

“The SSAE 16 (SOC 1) Type II audit is really the gold standard within the industry,” said Gary Pennington, Partner at SSAE 16 Professionals, LLP, the firm that conducted the audit. “The Type I audit evaluates the design of internal controls, while the Type II audit measures the operating effectiveness of those controls – how do those controls behave when put into action? This makes the Type II audit much more challenging to successfully complete.”

The audit undergone by RoadVantage was conducted in accordance with the AICPA SOC reporting standards by SSAE 16 Professionals, a full service accounting firm providing SSAE 16 (SOC 1) audits, SOC 2 audits, and other IT compliance audits.

“By successfully completing both the Type I and Type II audits, we demonstrate our ongoing commitment to excellence,” said Garret Lacour, CEO of RoadVantage. “Our customers can be assured that even with our rapid growth, our operational standards are best in class.”

About SSAE 16 (SOC 1) Reports 

SSAE 16 (SOC1) audits, which have effectively replaced SAS 70 reports, are in accordance with Statement on Standards for Attestation Engagements (SSAE) No. 16, Reporting on Controls at a Service Organization. SOC 1 reports retain the original purpose of SAS 70 by providing a means of reporting on the system of internal control for purposes of complying with internal control over financial reporting. SOC 1 reports are restricted-use reports for the following areas:

  • Management of the service organization (the company who has the SOC 1 performed),
  • User entities of the service organization (service organization’s clients), and
  • The user entities’ financial auditors (user auditor). The report can assist the user entities’ financial auditors with laws and regulations such as the Sarbanes-Oxley Act. A SOC 1 enables the user auditor to perform risk assessment procedures, and if a Type II report is performed, to assess the risk of material misstatement of financial statement assertions affected by the service organization’s processing.
About the author
Kate Spatafora

Kate Spatafora

Managing Editor

Kate Spatafora is the Associate Publisher for MG Business Media.

View Bio
0 Comments