AICPA RSS
x
Username

Password

Remember Me Register | Forgot Username? | Password?


Home Interest Areas Financial Reporting Center Assurance and Advisory Services SOC 2

Assurance and Advisory Services

SOC 2 

Report on Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality or Privacy

These reports are intended to meet the needs of a broad range of users that need to understand internal control at a service organization as it relates to security, availability, processing integrity, confidentiality and privacy. These reports are performed using the AICPA Guide:  Reporting on Controls at a Service Organizations Relevant to Security, Availability, Processing Integrity,  Confidentiality, or Privacy  and are intended for use by stakeholders (e.g., customers, regulators, business partners, suppliers, directors) of the service organization that have a thorough understanding of the service organization and its  internal controls. These reports can form an important part of stakeholders:

  • Oversight of the organization
  • Vendor management program
  • Internal corporate governance and risk management processes
  • Regulatory oversight

Similar to  SOC 1  there are two types of report : Type 2, report on management’s description of a service organization’s system and the suitability of the design and operating effectiveness of controls; and Type 1, report on management’s description of a service organization’s system and the suitability of the design of controls.  These reports may be restricted in use.  

 

 

Open Hide documents in this section

Page  1 2
Showing results 1 - 15 of 25
Order by:


Service Organization Control (SOC) Reports

Overview :  Service Organization Control (SOC) reports are internal control reports on the services provided by a service organization. SOC reports provide valuable information users need to assess and address the risks associated with an outsourced service. The AICPA provides tools and resources to CPAs, service organizations and user entities needed to
Published on May 17, 2012

Assurance and Advisory Services

Article :   
Published on April 23, 2012

AICPA Service Organization Control Reports Logos

Article :  SOC 1, SOC 2 and SOC 3 and the associated logos are trademarks, service marks and certification marks of the American Institute of Certified Public Accountants (AICPA), which reserves all rights. AICPA has
Published on February 24, 2012

SOC Logo Guidelines for Service Organizations

Terms and Conditions :  Before downloading the Service Organization Logo or displaying it on any website, you must read and understand these Guidelines.  Please also note that the Guidelines are subject to change by the AICPA without prior notice.  You are responsible for maintaining familiarity with the current Guidelines during the course of your
Published on February 24, 2012

SOC Logo Guidelines for CPAs

Terms and Conditions :  Before downloading the Service Organization Logo or displaying it on any website, you must read and understand these Guidelines.  Please also note that the Guidelines are subject to change by the AICPA without prior notice.  You are responsible for maintaining familiarity with the current Guidelines during the course of your
Published on February 24, 2012

SOC Reports Information for Service Organizations

Overview :  Service Organization Controls (SOC) reports are designed to help service organizations, organizations that operate information systems and provide information system services to other entities, build trust and confidence in their service delivery processes and controls through a report by an independent Certified Public Accountant.  Each type of SOC report is designed to help
Published on February 13, 2012

Users and User Entities

Article :  Many companies function more efficiently and profitably by outsourcing tasks or entire functions to service organizations that have the personnel, expertise, equipment, or technology to accomplish these tasks or functions. Examples of  such services incl
Published on February 10, 2012

ASSURANCE SERVICES EXECUTIVE COMMITTEE ROSTER

Objectives or Roster :  View a roster of the 2011-2012 Assurance Services Executive Committee
Published on December 15, 2011

Assurance Services Executive Committee

Article :  Mission and Objectives The Assurance Services Executive Committee's (ASEC) mission is to assure the quality, relevance, and usefulness of information or its context for decision makers and other users by (1) identifying and prioritizing emergin
Published on December 12, 2011

SOC 1

Article :  Report on Controls at a Service Organization Relevant to User Entities’ Internal Control over Financial Reporting These reports, prepared in accordance with Statement on Standards for Attestation Engagements (SSAE) No. 16, Reporting on Controls at a
Published on November 29, 2011

Trust Services and Information Integrity

Article :  The Trust Services/Data Integrity Task Force is focused on updating and maintaining the Trust Services Principles and Criteria (TSPC) and creating a framework of principles and criteria to provide assurance on the integrity of information. The task force is also developing a Audit Guide on reporting on controls relevant to the security,
Published on October 31, 2011

SOC Reports Information for CPAs

Overview :  To make CPAs aware of the various standards available to them for examining and  reporting on controls at a service organization, and to help CPAs select the appropriate standard for a particular engagement, the AICPA has introduced SERVICE ORGANIZATION CONTROL REPORTSSM and identified 3 different engagements (SOC 1, SOC 2 and SOC
Published on October 21, 2011

FAQ Service Organizations Standards and Implementation Guidance

FAQ :  SSAE 16 (and also SAS 70) enables CPAs to provide two types of service auditor’s reports. This document contains questions and answers to help explain the changes resulting from the issuance of SSAE 16. Updated September 2011 to reflect the issuance of the SOC 1 and SOC 2 guides
Published on October 11, 2011

SOC Reports Article

Tools :  The AICPA developed resources to help CPAs explain the new series of SOC reports to current and potential clients, and for firms to market their services to them. Post this article on your website or run it in your firm’s digital or print publications/mailings.
Published on August 05, 2011

SOC Reports Member Toolkit

Tools :  The AICPA developed resources to help CPAs explain the new series of SOC reports to current and potential clients, and for firms to market their services to them. Post the article on your website or run it in your firm’s digital or print publications and mailings. Conduct presentations using the PowerPoint that
Published on August 05, 2011

Page  1 2
Showing results 1 – 15 of 25
Show Results per page
Copyright © 2006-2012 American Institute of CPAs.