AICPA RSS
x
Username

Password

Remember Me Register | Forgot Username? | Password?


Home Interest Areas Financial Reporting Center Assurance and Advisory Services SOC 2

Assurance and Advisory Services

SOC 2 

Report on Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality or Privacy

These reports are intended to meet the needs of a broad range of users that need to understand internal control at a service organization as it relates to security, availability, processing integrity, confidentiality and privacy. These reports are performed using the AICPA Guide:  Reporting on Controls at a Service Organizations Relevant to Security, Availability, Processing Integrity,  Confidentiality, or Privacy  and are intended for use by stakeholders (e.g., customers, regulators, business partners, suppliers, directors) of the service organization that have a thorough understanding of the service organization and its  internal controls. These reports can form an important part of stakeholders:

  • Oversight of the organization
  • Vendor management program
  • Internal corporate governance and risk management processes
  • Regulatory oversight

Similar to  SOC 1  there are two types of report : Type 2, report on management’s description of a service organization’s system and the suitability of the design and operating effectiveness of controls; and Type 1, report on management’s description of a service organization’s system and the suitability of the design of controls.  These reports may be restricted in use.  

 

 

Open Hide documents in this section

Page  1 2 3
Showing results 1 - 15 of 41
Order by:


SOC Logo Guidelines for Service Organizations

Terms and Conditions Before downloading the Service Organization Logo or displaying it on any website, you must read and understand these Guidelines.  Please also note that the Guidelines are subject to change by the AICPA without prior notice.  You are responsible for maintaining familiarity with the current Guidelines during the course of your
Published on May 23, 2013

SOC Logo Guidelines for CPAs

Terms and Conditions Before downloading the Service Organization Logo or displaying it on any website, you must read and understand these Guidelines.  Please also note that the Guidelines are subject to change by the AICPA without prior notice.  You are responsible for maintaining familiarity with the current Guidelines during the course of your
Published on May 23, 2013

SOC Reports Information for CPAs

Overview The AICPA has introduced SERVICE ORGANIZATION CONTROL REPORTSSM and identified 3 different engagements (SOC 1, SOC 2 and SOC 3) that involve reporting on controls at a service organization.
Published on May 09, 2013

SOC 1

Article Report on Controls at a Service Organization Relevant to User Entities’ Internal Control over Financial Reporting These reports, prepared in accordance with Statement on Standards for Attestation Engagements (SSAE) No. 16, Reporting on Controls at
Published on May 07, 2013

Service Organization Controls (SOC) Reports for Service Organizations

Overview Service Organization Controls (SOC) reports are designed to help service organizations, organizations that operate information systems and provide information system services to other entities, build trust and confidence in their service delivery processes and controls through a report by an independent Certified Public Accountant.  Each type of SOC report is designed to help
Published on April 08, 2013

Service Organization Control (SOC) Reports

Overview Service Organization Control (SOC) reports are internal control reports on the services provided by a service organization. SOC reports provide valuable information users need to assess and address the risks associated with an outsourced service. The AICPA provides tools and resources to CPAs, service organizations and user entities needed to
Published on March 21, 2013

Assurance and Advisory Services

Overview Find information and resources to keep abreast of new and emerging reporting and assurance needs and help you embrace new service opportunities.
Published on March 15, 2013

CSA Position Paper on AICPA Service Organization Control Reports

White Paper The Cloud Security Alliance (CSA) has drafted this position paper as a means of educating its members and providing guidance regarding the type of engagement a CPA could perform to provide their customers with assurance on the service organization's controls.
Published on March 07, 2013

Evolution of Auditing From the Traditional Approach to the Future Audit

White Paper The purpose of this white paper is to discuss the evolution of auditing and the history of the traditional audit. This white paper is the second essay in the update to the 1999 CICA and AICPA Research Report on Continuous Auditing and is published with the intent of offering insight
Published on March 05, 2013

ASEC Whitepaper - Information Integrity

White Paper This white paper's purpose is to define what information integrity means and provide context for it to users, preparers and practitioners. The subject matter is of interest to AICPA members, including both members in public practice and business and industry, those in the accounting profession as a whole, and other
Published on January 31, 2013

Continuous Assurance Working Group

Article The Assurance Services Executive Committee (ASEC) Emerging Assurance Technologies Task Force is responsible for developing a conceptual framework and guidance to capitalize on emerging technologies affecting the business information supply chain, covering both internal and external reporting.
Published on January 28, 2013

Trust Services and Information Integrity

Article The Trust Services/Data Integrity Task Force is focused on updating and maintaining the Trust Services Principles and Criteria (TSPC) and creating a framework of principles and criteria to provide assurance on the integrity of information. The task force is also developing a Audit Guide on reporting on controls relevant to the security,
Published on January 25, 2013

SOC Toolkit for Firms

Article To help firms navigate this emerging service area, establish a niche practice and help clients, prospects and service organizations understand the benefits of SOC engagements, the AICPA has created a number of free resources and marketing materials in this helpful toolkit.
Published on January 24, 2013

Assurance Services Executive Committee

Article About the Committee The Assurance Services Executive Committee's (ASEC) mission is to assure the quality, relevance, and usefulness of information or its
Published on January 24, 2013

Report of the Special Committee on Assurance Services (The Elliott Report)

Tools .zip version of the Assurance Services CD-ROM for download and installation from aicpa.org
Published on January 17, 2013

Page  1 2 3
Showing results 1 – 15 of 41
Show Results per page
Copyright © 2006-2013 American Institute of CPAs.