AICPA RSS
x
Username

Password

Remember Me Register | Forgot Username? | Password?


Home Interest Areas Financial Reporting Center Assurance and Advisory Services

Assurance and Advisory Services

Assurance and Advisory Services 



Image Map

CPAs are constantly challenged to stay relevant and competitive. Services provided by CPAs on subject matter other than historical financial statements add significant value in the marketplace. The information and resources here will help you keep abreast of new and emerging reporting and assurance needs and will provide you with the needed measurement criteria, guidance, tools, education and other support to help you embrace new service opportunities.




Service Organization Controls XBRL Assurance Risk Assurance and Advisory Services
Guidance on Service Organization Control Reports.

Guidance on the assurance of XBRL-related documents.
 
Guidance on the assurance of enterprise risk management processes.

Assurance Services Executive Committee and Task Forces

The Assurance Services Executive Committee (ASEC) addresses the needs of all AICPA members in evaluating the integrity and usefulness of information they produced  by providing supporting assurance and advisory services to benefit clients, regulators and the public.  ASEC continually strives to identify emerging risks, technologies, needs, and service opportunities.

ASEC and its related Task Forces create information guidance and whitepapers, for AICPA members, on various topics. Visit the Committee page or the individual Task Force pages for more information.

 

Trust Services and Information Integrity

Trust Services are a set of professional attestation and advisory services based on a core set of principles and criteria that address the risks and opportunities of IT-enabled systems and privacy programs.

ASEC Trust/Data Integrity Task Force is responsible for the Trust Service Principles and criteria (TSPC), including the technical accuracy, expanding its scope for information integrity and developing related services that leverage the TSPC. 
Other Initiatives


Reporting on a PMA or an EPA for Electronically Prescribing Controlled Substances

The AICPA has developed illustrative reports to assist CPAs in reporting on whether a pharmacy management application (PMA) or an electronic prescription application (EPA) used for electronically prescribing controlled substances meets the criteria established by the U.S. Drug Enforcement Administration and whether an entity’s controls over the processing integrity and security of the PMA or EPA were operating effectively during the period covered by the report to meet the criteria for processing integrity and security included in TSP section 100.

 
   
   

Federal Risk and Authorization Program

The Federal Risk and Authorization Management Program (FedRAMP) created a government-wide standardized approach for assessing, authorizing, and monitoring the security of systems providing cloud products and services to Federal agencies. Under this program, third party assessment organizations perform independent verifications of the security controls utilized by cloud service providers’ information systems. However, the reporting format prescribed by FedRAMP for third party assessments differs substantially from the format AICPA members currently use to report on controls at service organizations. The ASEC Trust Information Integrity Task Force formed a working group which has met with FedRAMP representatives on multiple occasions and has made significant progress in developing a reporting format that would comply with current AICPA reporting standards while also meeting the requirements of the FedRAMP program. A recent FedBizOpps notice announced, effective March 25, 2013, FedRAMP will stop accepting new application packages from organizations applying to become accredited Third Party Assessment Organizations and will not accept any resubmitted application packages from previous applicants in response to letters of non-conformity from the FedRAMP PMO. Any firms considering applying before March 25, 2013 should indicate in their application packages the report is subject to final approval between FedRAMP and the AICPA.

Additional Resources
 
Other resources that may be of interest to AICPA members:

NewsNews

TrainingTraining & Development

Copyright © 2006-2013 American Institute of CPAs.