Assurance and Advisory Services

    SOC 2 

    Report on Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality or Privacy

    These reports are intended to meet the needs of a broad range of users that need to understand internal control at a service organization as it relates to security, availability, processing integrity, confidentiality and privacy. These reports are performed using the AICPA Guide:  Reporting on Controls at a Service Organizations Relevant to Security, Availability, Processing Integrity,  Confidentiality, or Privacy  and are intended for use by stakeholders (e.g., customers, regulators, business partners, suppliers, directors) of the service organization that have a thorough understanding of the service organization and its  internal controls. These reports can form an important part of stakeholders:

    • Oversight of the organization
    • Vendor management program
    • Internal corporate governance and risk management processes
    • Regulatory oversight

    Similar to  SOC 1®  engagement there are two types of report : Type 2, report on management’s description of a service organization’s system and the suitability of the design and operating effectiveness of controls; and Type 1, report on management’s description of a service organization’s system and the suitability of the design of controls.  These reports may be restricted in use.  

     

     

    Open Hide documents in this section

    Page  1 2 3 4 5
    Showing results 1 - 15 of 61
    Order by:


    Trust Services and Information Integrity

    Article The Trust Information Integrity Task Force is focused on updating and maintaining the Trust Services Principles and Criteria (TSPC) and creating a framework of principles and criteria to provide assurance on the integrity of information. The task force is also developing a Audit Guide on reporting on controls relevant to the security, availability,
    Published on August 28, 2015

    SOC 2 Additional Subject Matter

    Article Learn about additional considerations when a service organization requests that the service auditor’s report address either criteria in addition to the applicable trust services criteria or additional subject matter related to the service organization’s services using additional suitable criteria related to that subject matter, or both.
    Published on August 28, 2015

    Audit Data Standards

    Article Find information and resources to keep abreast of new and emerging reporting and assurance needs and help you embrace new service opportunities.
    Published on August 21, 2015

    Continuous Assurance & Continuous Control Monitoring

    Article The Assurance Services Executive Committee (ASEC) Emerging Assurance Technologies Task Force is responsible for developing a conceptual framework and guidance to capitalize on emerging technologies affecting the business information supply chain, covering both internal and external reporting.
    Published on August 20, 2015

    Audit Data Analytics

    Article The AICPA’s Assurance Services Executive Committee (ASEC), has created an Emerging Assurance Technologies Task Force (TF), which has worked primarily on three projects related
    Published on August 20, 2015

    Audit Analytics and Continuous Audit Looking Toward the Future

    Article This book is a compendium of essays written by different subject matter experts that expands upon the CICA and AICPA 1999 research report to discuss the following topics: Audit Analytics The theory of modern continuous assurance
    Published on August 20, 2015

    Audit Data Standards

    Article Find information and resources to keep abreast of new and emerging reporting and assurance needs and help you embrace new service opportunities.
    Published on August 10, 2015

    Audit Analytics Framework

    Article ASEC’s Emerging Assurance Technologies Task Force established the Audit Data Analytics working group, which focuses on what to do with standardized data once it is received. This working group is current exploring how to map the current audit objectives
    Published on August 03, 2015

    Audit Data Standards Procure to Pay Standard

    Article This Audit Data Standard includes information specific to the Procure to Pay process and related accounts.
    Published on August 03, 2015

    Audit Data Standards Order to Cash Standard

    Article This Audit Data Standard includes information specific the Order to Cash process and related accounts.
    Published on August 03, 2015

    Audit Data Standards General Ledger Standard

    Article This Audit Data Standard includes information specific to General Ledger accounts.
    Published on August 03, 2015

    Audit Data Standards - Base Standard

    Article The base standard document includes information on formats for files and fields that should be used in conjunction with each audit data standard document.
    Published on August 03, 2015

    Audit Data Standards Library

    Article ASEC’s Emerging Assurance Technologies Task Force have created the Audit Data Standards. View all of the Standards here.
    Published on July 30, 2015

    Assurance and Advisory

    Overview Find information and resources to keep abreast of new and emerging reporting and assurance needs and help you embrace new service opportunities.
    Published on July 30, 2015

    Service Organization Control (SOC) Reports

    Overview Service Organization Control  Reports® are internal control reports on the services provided by a service organization. SOC reports provide valuable information users need to assess and address the risks associated with an outsourced service. The AICPA provides tools and resources to CPAs, service organizations and user entities needed to build
    Published on July 14, 2015

    Page  1 2 3 4 5
    Showing results 1 – 15 of 61
    Show Results per page
    Copyright © 2006-2015 American Institute of CPAs.