OUR THOUGHTS ON:
SSAE 16/SOC

SORT OPTIONS: Most Recent | Most Viewed

Proposed Revision of Criteria for a Description of a Service Organization's System in a SOC 2 Report

The system description of an SOC 2 report is the area in which the service organization details the system that is being assessed and the risks that are ... read more >

SOC for Cybersecurity Reports: Overview and Comparison to SOC 2 Reports

The AICPA recently updated the System and Organization Controls (SOC) reporting suite of services with the releases of Statement on Standards for Attestation ... read more >

AICPA SSAE 18 - Does Your Service Organization Effectively Assess the Controls Residing at its Subservice Organizations?

Many service organizations (e.g., payroll processors, data centers, facilities management companies), for reasons similar to why their clients contract ... read more >

SOC 2 Trust Services Criteria Revamped to Align with the COSO 2013 Framework

The AICPA’s Assurance Services Executive Committee (ASEC) recently released an exposure draft, proposing revisions of the Trust Services Criteria ... read more >

SOC 2 Reports Meet Certification Program Requirements for Access to the Death Master File

On June 1, 2016, the National Technical Information Service (NTIS) issued the final rule for how entities receiving the Limited Access Death Master File ... read more >

SOC 2 Privacy: Are You Ready for the Changes?

SSAE 16/SOC

By Steve Earley

Following up to an article we posted last July regarding changes to the American Institute of Certified Public Accountants (AICPA) Trust Services Principles ... read more >