This section explores Financial Statement Audits, Internal Control and the control environment, risk assessment, control activities, information and communication monitoring. It covers Service Organization Control (SOC 1), Statement on Audit Standards, and Segregation of Duties.
Segregation of Duties (SOD) is a basic building block of sustainable risk management and internal controls for a business.
COSO Proposed Internal Control - Integrated Framework
The Committee of Sponsoring Organizations of the Treadway Commission (COSO) released the Internal Control -- Integrated Framework (IC-IF) back in 1992. The organization released an updated framework May 14, 2013.
Visit the Internal Control pages for additional information.
Statement on Audit Standards
These resources help support the CPA's efforts towards providing quality assurance services. When used appropriately, the CPA can provide independent and professional opinions that improve the quality of information to management as well as other decision makers within an organization.
Service Organization Control (SOC1)
Today, it is common for entities to outsource business tasks or functions to service organizations, even those that are core to an entity’s operations. Although user entities may rely on a service organization to perform outsourced tasks or functions, the user entity still retains responsibility (and the risks associated) for the service it provides to its customers.
Learn more about SOC reports covering controls over security, availability, processing integrity, confidentiality or privacy.
Visit the Service Organization Control Reporting for additional information.
Institute of Internal Auditors
The Institute of Internal Auditors (IIA) is an international professional association that offers certification, education, research, and technological guidance for internal auditors.
ISACA is a global organization for information governance, control, security and audit professionals. It offers IS auditing and IS control standards.
Public Company Accounting Oversight Board
The PCAOB is a private-sector, non-profit corporation, created by the Sarbanes-Oxley Act of 2002, to oversee the auditors of public companies in order to protect the interests of investors and further the public interest in the preparation of informative, fair, and independent audit reports.