Reporting on an Examination of Controls at a Service Organization Relevant to User Entities' Internal Control Over Financial Reporting (SOC 1(R)) - Guide
Get a deeper understanding of what's required and how to provide best-in-class in service organization control engagements. Glean insight from expert authors and see learnings in action with illustrative report excerpts.

If you are purchasing a product in one of the following formats, please check the system requirements below:

Online Professional Library
The AICPA Online Professional Library will operate in a variety of configurations, but only the configuration described below is supported by our technicians:

  • Windows 7+ (Latest Microsoft Edge, Internet Explorer, Firefox or Chrome)

eBooks through VitalSource®

Operating Systems:

  • Windows 7/8/8.1/10 (32/64 bit)
  • Mac (OS X 10.9 or later)


  • Chrome (stable channel)
  • Firefox (release channel)
  • Safari 9+
  • Internet Explorer 11+
  • Microsoft Edge
  • Mobile Safari 9+
  • Chrome for Android (stable channel)


  • iPhone (iOS 10 or later)
  • iPad (iOS 10 or later)
  • Android Smartphone 5.0 or later
  • Android Tablet (Android OS 5.0 or later)
  • Kindle Fire (OS 5 or later)

VitalSource supports the current browser version.

Other Software Needs
To access your Interactive eBook on your tablet, desktop or mobile device, download the appropriate VitalSource Bookshelf app. Downloading this product will require an account with the third-party vendor and your data will be treated according to the vendor’s terms and conditions.


  • eBooks are intended for a single user only.
  • eBooks are accessible immediately after completing your purchase. Access to the link on the AICPA Store expires one year from the purchase date. You must create a VitalSource account before this time elapses in order to have continued access.
  • This product is refundable within 14 days of your purchase date if no more than 20% of the content was accessed.

Read our eBook Tutorial and see our FAQ for more information.


  • Adobe® Acrobat® Reader 8 or higher
Product details

Learn how to effectively perform SOC 1® engagements

Who Will Benefit?

  • Practitioners performing SOC 1 engagements
  • Managers of entities that have SOC 1 engagements being performed
  • Auditors relying on SOC 1 reports

Key Topics

  • Requirements and guidance in AT-C section 320 for performing SOC 1 engagements
  • Guidance from top CPAs on how to implement AT-C section 320 and address common and practice issues
  • How to provide best-in-class services related to planning, performing and reporting on a SOC 1 engagement
  • Successfully implement changes in AT-C section 320 arising from the issuance of SSAE 18
  • Determine how to describe the matter giving rise to a modified opinion
  • Understand the kinds of information financial statements auditors of user entities need from a service auditor's report
  • Organize and draft relevant sections of a type 2 report
  • Develop management representation letters for SOC 1 engagements

As business specialization grows, so does the practice of outsourcing tasks and functions to service organizations. These trends have increased the demand for SOC 1 engagements.

This guide will make sure you clearly understand how to complete a SOC 1 engagement under AT-C section 320, Reporting on an Examination of Controls at a Service Organization Relevant to User Entities' Internal Control Over Financial Reporting, of Statement on Standards for Attestation Engagements (SSAE) No. 18, Attestation Standards: Clarification and Recodification.

Get the basics or deepen your knowledge with these new features

Even if you're experienced with SOC engagements, this guide is an essential resource that:

  • Has been fully conformed to reflect changes resulting from SSAE No. 18, the clarified attestation standards.
  • Contains insight from expert authors on the Service Organizations Task Force composed of CPAs that all perform SOC 1® engagements. The Task Force updates the guide with lessons learned in practice.
  • Includes illustrative report paragraphs describing many different types of report modifications.

Additionally, this guide discusses implementation challenges. It integrates the SSAE No. 18 requirements and application guidance from the three applicable sections in the discussion of service auditors' engagements.

SSAE No. 18 is effective for service auditor's reports dated on or after May 1, 2017.

Content preview
Ratings and reviews

American Institute of CPAs

The American Institute of CPAs (AICPA) is the world’s largest member association representing the CPA profession, with more than 418,000 members in 143 countries, and a history of serving the public interest since 1887. AICPA members represent many areas of practice, including business and industry, public practice, government, education and consulting.

The AICPA sets ethical standards for the profession and U.S. auditing standards for private companies, nonprofit organizations, federal, state and local governments. It develops and grades the Uniform CPA Examination, and offers specialized credentials for qualified professionals who concentrate on personal financial planning; forensic accounting; business valuation; and information management and technology assurance. With The Chartered Institute of Management Accountants (CIMA), it offers the Chartered Global Management Accountant (CGMA) designation, which sets the global benchmark for quality and recognition in management accounting.

The AICPA and CIMA also make up the Association of International Certified Professional Accountants (the Association), which represents public and management accounting globally, advocating on behalf the public interest and advancing the quality, competency and employability of CPAs, CGMAs and other accounting and finance professionals worldwide.

The AICPA maintains offices in New York, Washington, DC, Durham, NC, and Ewing, NJ.

Member Quantity:
Nonmember Quantity:
Estimated total:
Add to cart
Back to Top