Compliance Week Articles |
The need for providers to report on their internal controls has never been greater. Businesses face increasing risks, and many believe their risks increase even further when they rely on processes of third-party organizations.
Building Trust and Credibility with SOC 2: A New Report on Internal Control
Recent changes in compliance reporting present new opportunities for organizations to build trust among customers, suppliers, business partners, and other stakeholders.
With the introduction of the Service Organization Controls (SOC) 2 report from the American Institute of Certified Public Accountants (AICPA), organizations can now document their internal controls which are unrelated to financial reporting and which support the organization in meeting a regulation, standard or a specific set of criteria. This new standard covers a broader range of controls, which affect processing integrity, system availability, security, and privacy.
This article explains what a SOC 2 report is, and why it is worth considering.
A Guide to Transitioning From SAS 70 to SSAE 16/SOC 1
If you are transitioning to a SSAE 16/SOC 1 report, consider getting started now. Planning early puts you in a good position to evaluate if you’ll be able to provide the required assertion or if there are additional procedures needed. You can also address the risks that have been identified to determine if they are mitigated by controls and avoid any gaps and potential report qualifications as you move into your reporting period.
This controls guide outlines the impact of the key differences between SAS 70 and SSAE 16/SOC 1 on management, and how to address issues some organizations may face in transitioning to the new report.
Building Trust and Credibility with SOC 2: A New Report on Internal Control
(88.03 KB)
