|
|
|||
|
||||
OverviewAICPA Guides are developed and updated to provide guidance and discussions specific to current industry developments and trends. This guide, Reporting on Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality, or Privacy (SOC 2(R)) provides how-to guidance for service auditors performing examinations under AT section 101, Attest Engagements (AICPA, Professional Standards), to report on a service organization's controls over its system relevant to security, availability, processing integrity, confidentiality, or privacy, commonly referred to as a service organization controls (SOC) 2 engagement. Updated as of July 1, 2015, the guide includes relevant guidance contained in applicable standards and other technical sources. It explains the relationship between a service organization and its user entities, provides examples of service organizations including those that provide cloud computing services, identifies the criteria in Trust Service Principles and Criteria as the criteria to be used to evaluate the design and operating effectiveness of controls, explains the difference between a type 1 and type 2 SOC 2(R) report and provides an overview of the three reporting options for CPAs reporting on controls at a service organization. It describes the matters to be considered and procedures to be performed by the service auditor in planning and performing the engagement to test (1) the fairness of the presentation of management s description of the service organization s system; and (2) the suitability of the design and operating effectiveness of the controls included in the description. It also covers the service auditor s responsibilities when reporting on a SOC 2 engagement. This updated guide includes expanded practice guidance to assist the service auditor in performing a SOC 2 engagement and in understanding the service organization s system in assessing the suitability of the design of the controls to meet the trust services criteria. It includes a comprehensive illustrative type 2 SOC 2 report which contains all of the components of a type 2 SOC 2 report. In addition, it includes expanded information on unique challenges and risks service auditors will encounter in performing SOC 2 or SOC 3(R) engagements for cloud computing service organizations. Full Product DetailsAuthor: AICPAPublisher: John Wiley & Sons Inc Imprint: American Institute of Certified Public Accountants Weight: 0.666kg ISBN: 9781943546107ISBN 10: 194354610 Pages: 304 Publication Date: 20 September 2017 Audience: Professional and scholarly , Professional & Vocational Format: Paperback Publisher's Status: Forthcoming Availability: In Print Limited stock is available. It will be ordered for you and shipped pending supplier's limited stock. Table of ContentsReviewsAuthor InformationFounded in 1887, the American Institute of Certified Public Accountants (AICPA) represents the CPA and accounting profession nationally and globally regarding rule-making and standard-setting, and serves as an advocate before legislative bodies, public interest groups and other professional organizations. The AICPA develops standards for audits of private companies and other services by CPAs; provides educational guidance materials to its members; develops and grades the Uniform CPA Examination; and monitors and enforces compliance with the accounting profession's technical and ethical standards. The AICPA's founding established accountancy as a profession distinguished by rigorous educational requirements, high professional standards, a strict code of professional ethics, a licensing status and a commitment to serving the public interest. Tab Content 6Author Website:Countries AvailableAll regions |