Assurance and Advisory Services

Assurance and Advisory 

Accounting & Financial Reporting
Industry Insights
Audit & Attest
Review, Compilation & Preparation
Assurance & Advisory


CPAs are constantly challenged to stay relevant and competitive. Services provided by CPAs on subject matter other than historical financial statements add significant value in the marketplace. The information and resources here will help you keep abreast of new and emerging reporting and assurance needs and will provide you with the needed measurement criteria, guidance, tools, education and other support to help you embrace new service opportunities.

System and Organization Controls (SOC) XBRL Assurance Audit Data Analytics
Guidance on SOC Suite of Services.
Guidance on the assurance of XBRL-related documents. Guidance and tools to help facilitate the use of audit data analytics.

Assurance Services Executive Committee and Task Forces

The Assurance Services Executive Committee (ASEC) addresses the needs of all AICPA members in evaluating the integrity and usefulness of information they produced  by providing supporting assurance and advisory services to benefit clients, regulators and the public.  ASEC continually strives to identify emerging risks, technologies, needs, and service opportunities.

ASEC and its related Task Forces create information guidance and whitepapers, for AICPA members, on various topics. Visit the Committee page or the individual Task Force pages for more information.


Trust Services and Information Integrity

Trust Services are a set of professional attestation and advisory services based on a core set of principles and criteria that address the risks and opportunities of IT-enabled systems and privacy programs.

ASEC Trust Information Integrity Task Force is responsible for the Trust Service Principles and criteria (TSPC), including the technical accuracy, expanding its scope for information integrity and developing related services that leverage the TSPC.
Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy (control criteria), are intended for use by CPAs to  provide advisory or attestation services to evaluate the controls within an entity’s cyber risk management program, or for SOC 2® and SOC 3® engagements. Management also may use the trust services criteria to evaluate the suitability of design and operating effectiveness of controls.

Other Initiatives

Reporting on a PMA or an EPA for Electronically Prescribing Controlled Substances

The AICPA has developed illustrative reports to assist CPAs in reporting on whether a pharmacy management application (PMA) or an electronic prescription application (EPA) used for electronically prescribing controlled substances meets the criteria established by the U.S. Drug Enforcement Administration and whether an entity’s controls over the processing integrity and security of the PMA or EPA were operating effectively during the period covered by the report to meet the criteria for processing integrity and security included in TSP section 100.

Additional Resources
Other resources that may be of interest to AICPA members:


Copyright © 2006-2017 American Institute of CPAs.