Assurance and Advisory Services

    SOC 2 

    Report on Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality or Privacy

    These reports are intended to meet the needs of a broad range of users that need to understand internal control at a service organization as it relates to security, availability, processing integrity, confidentiality and privacy. These reports are performed using the AICPA Guide:  Reporting on Controls at a Service Organizations Relevant to Security, Availability, Processing Integrity,  Confidentiality, or Privacy  and are intended for use by stakeholders (e.g., customers, regulators, business partners, suppliers, directors) of the service organization that have a thorough understanding of the service organization and its  internal controls. These reports can form an important part of stakeholders:

    • Oversight of the organization
    • Vendor management program
    • Internal corporate governance and risk management processes
    • Regulatory oversight

    Similar to  SOC 1®  engagement there are two types of report : Type 2, report on management’s description of a service organization’s system and the suitability of the design and operating effectiveness of controls; and Type 1, report on management’s description of a service organization’s system and the suitability of the design of controls.  These reports may be restricted in use.  

     

     

    Open Hide documents in this section

    Page  1 2 3 4
    Showing results 1 - 15 of 55
    Order by:


    Assurance Services Executive Committee

    Article About the Committee The Assurance Services Executive Committee's (ASEC) mission is to assure the quality, relevance, and usefulness of information or
    Published on December 19, 2014

    AICPA Service Organization Control Reports Logos

    Article SOC 1, SOC 2 and SOC 3 and the associated logos are trademarks, service marks and certification marks of the American Institute of Certified Public Accountants (AICPA), which reserves all rights. AICPA has
    Published on December 19, 2014

    Service Organization Control (SOC) Reports

    Overview Service Organization Control  Reports® are internal control reports on the services provided by a service organization. SOC reports provide valuable information users need to assess and address the risks associated with an outsourced service. The AICPA provides tools and resources to CPAs, service organizations and user entities needed to build
    Published on December 19, 2014

    Users and User Entities

    Article Many companies function more efficiently and profitably by outsourcing tasks or entire functions to service organizations that have the personnel, expertise, equipment, or technology to accomplish these tasks or functions. Examples of  such service
    Published on December 19, 2014

    Service Organization Controls (SOC) Reports for Service Organizations

    Overview Service Organization Controls (SOC) reports are designed to help service organizations, organizations that operate information systems and provide information system services to other entities, build trust and confidence in their service delivery processes and controls through a report by an independent Certified Public Accountant.  Each type of SOC report is designed to help
    Published on December 19, 2014

    SOC Reports Information for CPAs

    Overview The AICPA has introduced SERVICE ORGANIZATION CONTROL REPORTS® and identified 3 different engagements (SOC 1, SOC 2 and SOC 3) that involve reporting on controls at a service organization.
    Published on December 19, 2014

    SOC 3

    Article Trust Services Report for Service Organizations SOC 3® reports are designed to meet the needs of uses who want assurance on the controls at a service organization related to security, availability, processing integrity, confidentiality, or priv
    Published on December 19, 2014

    Assurance and Advisory

    Overview Find information and resources to keep abreast of new and emerging reporting and assurance needs and help you embrace new service opportunities.
    Published on December 19, 2014

    Service Organization Control Reports Flyer

    Brochure Which SOC report is right for your client? This flyer explains the three types of SOC reports and gives insights into the users who rely on each type of report.
    Published on December 19, 2014

    SOC Reports(SM) Powerpoint

    Presentation The AICPA developed resources to help CPAs explain the new series of SOC reports to current and potential clients, and for firms to market their services to them. Use this PowerPoint which includes speaker notes to conduct presentations on the new SOC reports.
    Published on December 19, 2014

    Audit Data Standard Procure to Pay Subledger Standard

    Exposure Draft This exposure draft contains audit data standards for review and comment by the AICPA’s membership and other interested parties. The audit data standards were developed by the Emerging Assurance Technologies Task Force of the AICPA Assurance Services Executive Committee for possible issuance by the committee.
    Published on December 02, 2014

    Audit Data Standard Order to Cash Subledger Standard

    Exposure Draft This exposure draft contains audit data standards for review and comment by the AICPA’s membership and other interested parties. The audit data standards were developed by the Emerging Assurance Technologies Task Force of the AICPA Assurance Services Executive Committee for possible issuance by the committee.
    Published on December 02, 2014

    Audit Data Standards Group Exposure Drafts

    Article Housed here are the exposure drafts released by the Emerging Assurance Technologies Task Force of the AICPA Assurance Services Executive Committee.
    Published on December 02, 2014

    Audit Data Standard Working Group

    Article ASEC’s Emerging Assurance Technologies Task Force established the Audit Data Standard working group. The first three Audit Data Standards have been released: base standard, general ledger standard, and accounts receivable subledger standard.
    Published on December 02, 2014

    BRAAS Team Project Timetable as of September 2014

    Article Keep up with the Business Reporting, Assurance and Advisory Services team with this calendar of projects and initiatives.
    Published on October 07, 2014

    Page  1 2 3 4
    Showing results 1 – 15 of 55
    Show Results per page
    Copyright © 2006-2014 American Institute of CPAs.