To the Point - AICPA revises guidance on applying its Trust Services Criteria and SOC 2 Description Criteria


The AICPA revised its guidance on the criteria used by management to prepare SOC 2 reports and by management and service auditors to evaluate the design and operating effectiveness of controls related to security, availability, processing integrity, confidentiality and privacy. Service organizations may need to make changes to their controls and their system descriptions in SOC 2 reports.

Download PDF