Assurance and Advisory Services

SOC 2 

Report on Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality or Privacy

These reports are intended to meet the needs of a broad range of users that need to understand internal control at a service organization as it relates to security, availability, processing integrity, confidentiality and privacy. These reports are performed using the AICPA Guide:  Reporting on Controls at a Service Organizations Relevant to Security, Availability, Processing Integrity,  Confidentiality, or Privacy  and are intended for use by stakeholders (e.g., customers, regulators, business partners, suppliers, directors) of the service organization that have a thorough understanding of the service organization and its  internal controls. These reports can form an important part of stakeholders:

  • Oversight of the organization
  • Vendor management program
  • Internal corporate governance and risk management processes
  • Regulatory oversight

Similar to  SOC 1®  engagement there are two types of report : Type 2, report on management’s description of a service organization’s system and the suitability of the design and operating effectiveness of controls; and Type 1, report on management’s description of a service organization’s system and the suitability of the design of controls.  These reports may be restricted in use.  

 

 

Open Hide documents in this section

Page  1 2 3 4 5
Showing results 1 - 15 of 69
Order by:


Audit Data Analytics

Article The AICPA’s Assurance Services Executive Committee (ASEC), has created an Emerging Assurance Technologies Task F
Published on July 26, 2016

Audit Analytics Framework

Article ASEC’s Emerging Assurance Technologies Task Force established the Audit Data Analytics working group, which focuses on what to do with standardized data once it is received. This working group is current exploring how to map the current audit obj
Published on July 26, 2016

Audit Data Analytics Guide

Guide Replaces the current AICPA Analytical Procedures Guide, it discusses audit data analytics and provides examples of how these tools and techniques can be integrated into the audit process at a foundational level.
Published on July 26, 2016

Cybersecurity Resource Center

Tools This webpage provides details and links to valuable resources for CPAs providing cybersecurity advisory and assurance services.
Published on July 07, 2016

Assurance Services Executive Committee

Article The ASEC's mission is to assure the quality, relevance, and usefulness of information or its context for decision makers and other users by identifying and prioritizing emerging trends and market needs for assurance, and developing related assurance methodology guidance and tools as needed.
Published on May 31, 2016

Audit Data Standards

Article Find information and resources to keep abreast of new and emerging reporting and assurance needs and help you embrace new service opportunities.
Published on May 16, 2016

Inventory Subledger Exposure Draft

Exposure Draft The Emerging Assurance Technologies Task Force of the AICPA Assurance Services Executive Committee (ASEC) has issued an exposure draft titled Audit Data Standards – Inventory Subledger Standard.
Published on May 16, 2016

Inventory Subledger Audit Data Standard - Exposure Draft

Exposure Draft The includes IT standards that address the Inventory subledger account. The comment period ends on August 15, 2016.
Published on May 16, 2016

Service Organization Control (SOC) Reports

Overview Service Organization Control  Reports® are internal control reports on the services provided by a service organization. SOC reports provide valuable information users need to assess and address the risks associated with an outsourced service. The AICPA provides tools and resources to CPAs, service organizations and user entities needed to build
Published on May 03, 2016

SOC Reports Information for CPAs

Overview The AICPA has introduced SERVICE ORGANIZATION CONTROL REPORTS® and identified 3 different engagements (SOC 1, SOC 2 and SOC 3) that involve reporting on controls at a service organization.
Published on May 03, 2016

Assurance and Advisory

Overview Find information and resources to keep abreast of new and emerging reporting and assurance needs and help you embrace new service opportunities.
Published on May 03, 2016

SOC Guides and Publications

Article Review valuable SOC guides and publications to help your professional competency and increase your value to your clients.
Published on April 11, 2016

AICPA Service Organization Control Reports Logos

Article SOC 1, SOC 2 and SOC 3 and the associated logos are trademarks, service marks and certification marks of the American Institute of Certified Public Accountants (AICPA), which reserve
Published on April 02, 2016

SOC Logo Guidelines for Service Organizations

Terms and Conditions Before downloading the Service Organization Logo or displaying it on any website, you must read and understand these Guidelines.  Please also note that the Guidelines are subject to change by the AICPA without prior notice.  You are responsible for maintaining familiarity with the current Guidelines during the course of your
Published on April 01, 2016

SOC Logo Guidelines for CPAs

Terms and Conditions Before downloading the Service Organization Logo or displaying it on any website, you must read and understand these Guidelines.  Please also note that the Guidelines are subject to change by the AICPA without prior notice.  You are responsible for maintaining familiarity with the current Guidelines during the course of your
Published on April 01, 2016

Page  1 2 3 4 5
Showing results 1 – 15 of 69
Show Results per page
Copyright © 2006-2016 American Institute of CPAs.