As a compliance officer evaluating cloud service providers (CSPs) for your organization, you are tasked with determining the most relevant SSAE audit report to request from potential CSPs to assess their controls over data security and privacy. Considering the varying levels of detail and audience specificity among SSAE audit reports, which type of report is most appropriate for obtaining a comprehensive understanding of a CSP's controls without restricting the audience to management-level insiders?