OUR THOUGHTS ON:
SSAE 18/SOC

SORT OPTIONS: Most Recent | Most Viewed

My Client/Prospective Client Just Asked for a SOC Report. Now What Do I Do?

Does anxiety and panic set in when a client or prospect asks if you have a Systems and Organization Controls (SOC) report? Could you be in jeopardy of ... read more >

Proposed Revision of Criteria for a Description of a Service Organization's System in a SOC 2 Report

The system description of an SOC 2 report is the area in which the service organization details the system that is being assessed and the risks that are ... read more >

SOC for Cybersecurity Reports: Overview and Comparison to SOC 2 Reports

The AICPA recently updated the System and Organization Controls (SOC) reporting suite of services with the releases of Statement on Standards for Attestation ... read more >

AICPA SSAE 18 - Does Your Service Organization Effectively Assess the Controls Residing at its Subservice Organizations?

Many service organizations (e.g., payroll processors, data centers, facilities management companies), for reasons similar to why their clients contract ... read more >

SOC 2 Trust Services Criteria Revamped to Align with the COSO 2013 Framework

The AICPA’s Assurance Services Executive Committee (ASEC) recently released an exposure draft, proposing revisions of the Trust Services Criteria ... read more >