SOC 2 Audit

SOC 2 Audit: The corresponding SOC 2 and SOC 3 audits which are not relevant to financial reporting are in accordance with AT Section 101 and will utilize the recently released AICPA audit guide titled  “Reports on Controls at a Service Organization over Security, Availability, Processing Integrity, Confidentiality or Privacy’’. The report includes tests of the information systems controls governing the accounting records and other procedures necessary to enable the auditor to express an unqualified opinion that the information technology systems and controls described by management allow financial statements to be fairly presented, in all material respects, and in conformity with the standards established by the following principles:.

  1. Security: The system is protected against unauthorized access (both physical and logical).
  2. Availability: The system is available for operation and use as committed or agreed.
  3. Processing integrity: System processing is complete, accurate, timely, and authorized.
  4. Confidentiality: Information designated as confidential is protected as committed or agreed.
  5. Privacy: Personal information (i.e., information that is about or can be related to an identifiable individual) is collected, used, retained, disclosed, and destroyed in conformity with the commitments in the entity’s privacy notice and with criteria set forth in generally accepted privacy principles (GAPP) issued by the AICPA and CICA.

Leave a Reply

Your email address will not be published. Required fields are marked *

Go back to top