...
Audit and Accounting Guides & Audit Risk Alerts AICPA Guide: Reporting on an Examination of Controls at a Service Organization Relevant to User Entities’ Internal Control Over Financial Reporting (SOC 1®)
You must log in to view this content and have a subscription package that includes this content.
Required subscriptions
- US GAAP
View all / combine content
ABSTRACTPrefaceChapter 1 — Introduction and BackgroundChapter 2 — Understanding How a User Auditor Uses a Type 1 or Type 2 ReportChapter 3 — Planning a Service Auditor’s Engagement Chapter 4 — Performing a Service Auditor’s Engagement Under AT-C Section 320Chapter 5 — ReportingAppendix A — Illustrative Type 2 ReportsAppendix B — Illustrative Type 2 Reports — Inclusive MethodAppendix C — Illustrative Type 1 Service Auditor’s Report and Management’s Assertion, Service Organization Requires Complementary User Entity Controls, Includes Other Information Not Covered by the Service Auditor’s ReportAppendix D — Illustrative Control ObjectivesAppendix E — Comparison of SOC 1®, SOC 2®, and SOC 3® Engagements and Related ReportsAppendix F — Comparison of Requirements in AT-C Section 320, Reporting on an Examination of Controls at a Service Organization Relevant to User Entities’ Internal Control Over Financial Reporting, With Requirements of International Standard on Assurance Engagements 3402, Assurance Reports on Controls at a Service OrganizationAppendix G — Illustrative Service Auditor’s Report When Reporting Under Both AT-C Section 320, Reporting on an Examination of Controls at a Service Organization Relevant to User Entities’ Internal Control Over Financial Reporting, and ISAE 3402, Assurance Reports on Controls at a Service OrganizationAppendix H — Overview of Statements on Quality Management StandardsAppendix I — Schedule of Changes Made to the Text From the Previous EditionGlossary
ABSTRACTPrefaceChapter 1 — Introduction and BackgroundChapter 2 — Understanding How a User Auditor Uses a Type 1 or Type 2 ReportChapter 3 — Planning a Service Auditor’s Engagement Chapter 4 — Performing a Service Auditor’s Engagement Under AT-C Section 320Chapter 5 — ReportingAppendix A — Illustrative Type 2 ReportsAppendix B — Illustrative Type 2 Reports — Inclusive MethodAppendix C — Illustrative Type 1 Service Auditor’s Report and Management’s Assertion, Service Organization Requires Complementary User Entity Controls, Includes Other Information Not Covered by the Service Auditor’s ReportAppendix D — Illustrative Control ObjectivesAppendix E — Comparison of SOC 1®, SOC 2®, and SOC 3® Engagements and Related ReportsAppendix F — Comparison of Requirements in AT-C Section 320, Reporting on an Examination of Controls at a Service Organization Relevant to User Entities’ Internal Control Over Financial Reporting, With Requirements of International Standard on Assurance Engagements 3402, Assurance Reports on Controls at a Service OrganizationAppendix G — Illustrative Service Auditor’s Report When Reporting Under Both AT-C Section 320, Reporting on an Examination of Controls at a Service Organization Relevant to User Entities’ Internal Control Over Financial Reporting, and ISAE 3402, Assurance Reports on Controls at a Service OrganizationAppendix H — Overview of Statements on Quality Management StandardsAppendix I — Schedule of Changes Made to the Text From the Previous EditionGlossary