Proposed Revision of Criteria for a Description of a Service Organization's System in a SOC 2 Report
The system description of an SOC 2 report is the area in which the service organization details the system that is being assessed and the risks that are
SOC for Cybersecurity Reports: Overview and Comparison to SOC 2 Reports
The AICPA recently updated the System and Organization Controls (SOC) reporting suite of services with the releases of Statement on Standards for Attestation
AICPA releases SOC for Cybersecurity Examination Guidelines
The AICPA has recently published a reporting framework for CPA firms to perform an assessment of an organization’s cybersecurity risk management
AICPA SSAE 18 - Does Your Service Organization Effectively Assess the Controls Residing at its Subservice Organizations?
Many service organizations (e.g., payroll processors, data centers, facilities management companies), for reasons similar to why their clients contract