Username

Password

Remember Me Register | Forgot Username? | Password?

Home Interest Areas Financial Reporting Center Assurance and Advisory Services Trust Services and Information Integrity

Assurance and Advisory Services

Browse

By Topic

... Click to view more

[x]

By Document Type

... Click to view more

[x]

Member Only Content

AICPA Membership (4)

By Date

Trust Services and Information Integrity

The ASEC Trust Services/Data Integrity Task Force is focused on updating and maintaining the Trust Services Principles and Criteria (TSPC) and creating a framework of principles and criteria to provide assurance on the integrity of information.

Trust Services are a set of professional attestation and advisory services based on a core set of principles and criteria that address the risks and opportunities of IT-enabled systems and privacy programs. The following principles and related criteria are used by practitioners in the performance of Trust Services engagements:

Security. The system is protected against unauthorized access (both physical and logical).
Availability. The system is available for operation and use as committed or agreed.
Processing integrity. System processing is complete, accurate, timely, and authorized.
Confidentiality. Information designated as confidential is protected as committed or agreed.
Privacy. Personal information is collected, used, retained, disclosed and destroyed in conformity with the commitments in the entity’s privacy notice and with criteria set forth in Generally Accepted Privacy Principles issued by the AICPA and CICA.

The TSPC of security, availability and processing integrity are used to evaluate whether a system is reliable. The TSPC can be found in the AICPA Technical Practice Aids Volume 1. SysTrust and WebTrust are two specific branded assurance services offerings that are based on the TSPC. Practitioners must be licensed by the Canadian Institute of Chartered Accountants (CICA) to use these registered service marks. For more information on licensure see www.webtrust.org or contact Bryan Walker at Bryan.Walker@cica.ca.

The Task Force has developed the SOC 2 Guide, Reporting on Controls at a Service Organization Relevant to the Security, Availability Processing Integrity, Confidentiality or Privacy of User Entities Information- An Application of the Trust Services Principles and Criteria. Learn more about Service Organization Control (SOC) reporting.

In conjunction with the with the Canadian Institute of Chartered Accountants the task force recently issued a white paper on Information Integrity. The purpose of the paper is to define what information integrity means and provide context for it for users and preparers of information and providers of assurance on such information. The white paper focuses on what it means for information to have integrity and how information integrity can be achieved and maintained.

Technical Practice Aids

Contains all outstanding AICPA Statements of Position, Practice Bulletins and Practice Alerts.

Open Hide documents in this section

Page 1 2 3

Showing results 1 - 15 of 44

Order by:

The Economics of Sustainability Initiatives

White Paper: This paper, a part of the Sustainability Reporting and Assurance Series: How to Capitalize on Emerging Sustainability Trends, discusses the economics of sustainability initiatives.
Published on June 18, 2013

Sustainability Assurance and Advisory Task Force

Overview: This page discusses initiatives by the Sustainability Assurance and Advisory Task Force.
Published on June 14, 2013

Assurance and Advisory Services

Overview: Find information and resources to keep abreast of new and emerging reporting and assurance needs and help you embrace new service opportunities.
Published on June 14, 2013

Exposure Draft - Audit Data Standard

Article: The Emerging Assurance Technologies Task Force of the AICPA Assurance Services Executive Committee (ASEC) has issued an exposure draft titled Audit Data Standard. The full exposure draft, dated July 18, 2012, includes standards that address both the g
Published on June 06, 2013

SOC Logo Guidelines for Service Organizations

Terms and Conditions: Before downloading the Service Organization Logo or displaying it on any website, you must read and understand these Guidelines. Please also note that the Guidelines are subject to change by the AICPA without prior notice. You are responsible for maintaining familiarity with the current Guidelines during the course of your
Published on May 23, 2013

SOC Logo Guidelines for CPAs

SOC Reports Information for CPAs

Overview: The AICPA has introduced SERVICE ORGANIZATION CONTROL REPORTSSM and identified 3 different engagements (SOC 1, SOC 2 and SOC 3) that involve reporting on controls at a service organization.
Published on May 09, 2013

SOC 1

Article: Report on Controls at a Service Organization Relevant to User Entities’ Internal Control over Financial Reporting These reports, prepared in accordance with Statement on Standards for Attestation Engagements (SSAE) No. 16, Reporting on Controls at
Published on May 07, 2013

Service Organization Controls (SOC) Reports for Service Organizations

Overview: Service Organization Controls (SOC) reports are designed to help service organizations, organizations that operate information systems and provide information system services to other entities, build trust and confidence in their service delivery processes and controls through a report by an independent Certified Public Accountant. Each type of SOC report is designed to help
Published on April 08, 2013

Service Organization Control (SOC) Reports

Overview: Service Organization Control (SOC) reports are internal control reports on the services provided by a service organization. SOC reports provide valuable information users need to assess and address the risks associated with an outsourced service. The AICPA provides tools and resources to CPAs, service organizations and user entities needed to
Published on March 21, 2013

CSA Position Paper on AICPA Service Organization Control Reports

White Paper: The Cloud Security Alliance (CSA) has drafted this position paper as a means of educating its members and providing guidance regarding the type of engagement a CPA could perform to provide their customers with assurance on the service organization's controls.
Published on March 07, 2013

Evolution of Auditing From the Traditional Approach to the Future Audit

White Paper: The purpose of this white paper is to discuss the evolution of auditing and the history of the traditional audit. This white paper is the second essay in the update to the 1999 CICA and AICPA Research Report on Continuous Auditing and is published with the intent of offering insight
Published on March 05, 2013

ASEC Whitepaper - Information Integrity

White Paper: This white paper's purpose is to define what information integrity means and provide context for it to users, preparers and practitioners. The subject matter is of interest to AICPA members, including both members in public practice and business and industry, those in the accounting profession as a whole, and other
Published on January 31, 2013

Continuous Assurance Working Group

Article: The Assurance Services Executive Committee (ASEC) Emerging Assurance Technologies Task Force is responsible for developing a conceptual framework and guidance to capitalize on emerging technologies affecting the business information supply chain, covering both internal and external reporting.
Published on January 28, 2013

Trust Services and Information Integrity

Article: The Trust Services/Data Integrity Task Force is focused on updating and maintaining the Trust Services Principles and Criteria (TSPC) and creating a framework of principles and criteria to provide assurance on the integrity of information. The task force is also developing a Audit Guide on reporting on controls relevant to the security,
Published on January 25, 2013

Page 1 2 3

Showing results 1 – 15 of 44

Show Results per page