Assurance and Advisory Services

Assurance and Advisory 

Accounting & Financial Reporting
Industry Insights
Audit & Attest
Review, Compilation & Preparation
Assurance & Advisory


CPAs are constantly challenged to stay relevant and competitive. Services provided by CPAs on subject matter other than historical financial statements add significant value in the marketplace. The information and resources here will help you keep abreast of new and emerging reporting and assurance needs and will provide you with the needed measurement criteria, guidance, tools, education and other support to help you embrace new service opportunities.

Service Organization Controls XBRL Assurance Audit Data Analytics
Guidance on Service Organization Control Reports.
Guidance on the assurance of XBRL-related documents. Guidance and tools to help facilitate the use of audit data analytics.

Assurance Services Executive Committee and Task Forces

The Assurance Services Executive Committee (ASEC) addresses the needs of all AICPA members in evaluating the integrity and usefulness of information they produced  by providing supporting assurance and advisory services to benefit clients, regulators and the public.  ASEC continually strives to identify emerging risks, technologies, needs, and service opportunities.

ASEC and its related Task Forces create information guidance and whitepapers, for AICPA members, on various topics. Visit the Committee page or the individual Task Force pages for more information.


Trust Services and Information Integrity

Trust Services are a set of professional attestation and advisory services based on a core set of principles and criteria that address the risks and opportunities of IT-enabled systems and privacy programs.

ASEC Trust Information Integrity Task Force is responsible for the Trust Service Principles and criteria (TSPC), including the technical accuracy, expanding its scope for information integrity and developing related services that leverage the TSPC.
The AICPA has released the Trust Services Principals, Criteria and Illustrations resource. This resource presents measurement criteria for use when providing attestation or consulting services to evaluate controls relevant to the security, availability, and processing integrity of a system, and the confidentiality and privacy of the information processed by the system.

The guidance was established by the Assurance Services Executive Committee (ASEC) of the AICPA, and is necessary when performing SOC 2® and SOC 3® engagements.

This edition improves clarity and eliminates redundancy, and updates the criteria based on the changing technology and business environment.
ASEC Cybersecurity Initiative

The ASEC formed a working group under the ASEC Trust Information Integrity Task Force to develop an engagement around cybersecurity that CPAs can use to assist boards of directors, senior management, and other pertinent stakeholders as they evaluate the effectiveness of an entity’s cybersecurity risk management program. Visit the ASEC Cybersecurity Initiative page for related information.

Other Initiatives

Reporting on a PMA or an EPA for Electronically Prescribing Controlled Substances

The AICPA has developed illustrative reports to assist CPAs in reporting on whether a pharmacy management application (PMA) or an electronic prescription application (EPA) used for electronically prescribing controlled substances meets the criteria established by the U.S. Drug Enforcement Administration and whether an entity’s controls over the processing integrity and security of the PMA or EPA were operating effectively during the period covered by the report to meet the criteria for processing integrity and security included in TSP section 100.

Additional Resources
Other resources that may be of interest to AICPA members:


Copyright © 2006-2017 American Institute of CPAs.