×

Publications

SOC 2® Reporting on an Examination of Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality, or Privacy

  • $69.00-$89.00
    SOC 2® Reporting on an Examination of Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality, or Privacy Availability : In Stock Product #: AAGSOP18P
    AICPA Member: $69.00
    Non-Member: $89.00
  • $59.00-$79.00
    SOC 2® Reporting on an Examination of Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality, or Privacy Availability : eBook Download Product #: AAGSOP18E
    AICPA Member: $59.00
    Non-Member: $79.00
  • $59.00-$79.00
    Reporting on Controls at a Service Organization (SOC 2) Guide and Alert Bundle Availability : Online Access Product #: WSOC2
    AICPA Member: $59.00
    Non-Member: $79.00

The industry standard resource that helps you effectively perform SOC 2 and SOC 3® examination engagements.

Updated as of January 1, 2018, this guide includes relevant guidance contained in applicable standards and other technical sources. It explains the relationship between a service organization and its user entities, provides examples of service organizations, describes the description criteria to be used to prepare the description of the service organization's system, identifies the trust services criteria as the criteria to be used to evaluate the design and operating effectiveness of controls, explains the difference between a type 1 and type 2 SOC 2 report, and provides illustrative reports for CPAs engaged to examine and report on system and organization controls at a service organization. It also describes the matters to be considered and procedures to be performed by the service auditor in planning, performing, and reporting on SOC 2 and SOC 3 engagements.

Key Benefits

  • Gain an understanding of the requirements and guidance in SSAE No. 18, such as the need to request a written assertion from management, as they apply to SOC 2 examinations.
  • Obtain guidance from top CPAs on how to perform SOC 2 examinations and address common practice issues.
  • Understand how to efficiently plan, perform, and report on SOC 2 and SOC 3 engagements.
  • Determine how to describe a matter giving rise to a modified opinion by providing several illustrative paragraphs for different situations.
  • Understand the information needs of intended users of SOC 2 and SOC 3 reports.
  • Organize and draft relevant sections of a complete type 2 SOC 2 report that includes the service auditor's report, management's assertion, the description of the service organization's system, and the service auditor's description of tests of controls and results.
  • Organize and draft relevant sections of a type 1 SOC 2 report.
  • Organize and draft relevant sections of a SOC 3 report.
  • Develop management representation letters for SOC 2 and SOC 3 engagements.
  • Apply the 2017 trust services criteria in SOC 2 and SOC 3 examinations.
  • Apply the 2018 description criteria in SOC 2 examinations.

What's New

  • Updated for SSAE No. 18 (clarified attestation standards), this guide has been fully conformed to reflect lessons learned in practice.
  • Contains insight from expert authors on the SOC 2 working group composed of CPAs who perform SOC 2 and SOC 3 engagements.
  • Includes illustrative report paragraphs describing the matter that gave rise to the report modification for a large variety of situations.
  • Includes a new appendix for performing and reporting on a SOC 2 examination in accordance with International Standards on Assurance Engagements (ISAEs) or in accordance with both the AICPA's attestation standards and the ISAEs.

Who Will Benefit

  • Practitioners performing SOC 2 and SOC 3 engagements
  • Management of service organizations that have SOC 2 and SOC 3 engagements being performed
  • Users of SOC 2 and SOC 3 reports

Discounts

IMTA Section Members Save an Additional 10%

When you log into this website with your AICPA member user account, the section/credential discount will be automatically applied during checkout. Should you have any questions or encounter any issues, please contact the AICPA Service Center at 888-777-7077 or service@aicpa.org.

Find out more information on becoming an IMTA Section Member, click here.

Online Subscription > AICPA Online Professional Library. The online subscription option below includes content updates and unlimited online access for 1 year. AICPA Online Professional Library - your source for the latest guidance, information, and standards on a variety of accounting & auditing, industry-specific, and practice management topics. Subscribe to the product, bundle, or library that best meets your organization's needs. Click here for more information.

Information about the eBook option

If purchasing this title as an eBook, please note that it is intended for a single user. An eBook is a downloadable file that will be accessible immediately after completing your purchase. Access to the download link expires 180 days from the purchase date. Download the file before this time elapses. Before downloading your eBook, you must:

  • Download and activate Adobe Digital Editions® - a free program for accessing eBooks
  • Return to the AICPA Store and go to My Account > My Downloads
  • Click the eBook title to download and open automatically in Adobe Digital Editions

Note: To access your eBook on a smartphone, tablet or other reading device, see our FAQ. This product is refundable within 10 days of your purchase date. For more information about this product or service concerns, please contact the AICPA Store Service Center at service@aicpa.org or call 888-777-7077.

Table of Contents

System Requirements

About the Publisher

American Institute of CPAs

The American Institute of CPAs (AICPA) is the world’s largest member association representing the CPA profession, with more than 418,000 members in 143 countries, and a history of serving the public interest since 1887. AICPA members represent many areas of practice, including business and industry, public practice, government, education and consulting.

The AICPA sets ethical standards for the profession and U.S. auditing standards for private companies, nonprofit organizations, federal, state and local governments. It develops and grades the Uniform CPA Examination, and offers specialized credentials for qualified professionals who concentrate on personal financial planning; forensic accounting; business valuation; and information management and technology assurance. With The Chartered Institute of Management Accountants (CIMA), it offers the Chartered Global Management Accountant (CGMA) designation, which sets the global benchmark for quality and recognition in management accounting.

The AICPA and CIMA also make up the Association of International Certified Professional Accountants (the Association), which represents public and management accounting globally, advocating on behalf the public interest and advancing the quality, competency and employability of CPAs, CGMAs and other accounting and finance professionals worldwide.

The AICPA maintains offices in New York, Washington, DC, Durham, NC, and Ewing, NJ.