This updated and improved guide is designed to help accountants effectively perform SOC 1® engagements under AT-C section 320, Reporting on an Examination of Controls at a Service Organization Relevant to User Entities’ Internal Control Over Financial Reporting, of Statement on Standards for Attestation Engagements (SSAE) No. 18, Attestation Standards: Clarification and Recodification. With the growth in business specialization, outsourcing tasks and functions to service organizations has become increasingly popular, increasing the demand for SOC 1 engagements. This guide will help: Gain a deeper understanding of the requirements and guidance in AT-C section 320 for performing SOC 1 engagements. Obtain guidance from top CPAs on how to implement AT-C section 320 and address common and practice issues. Provide best in class services related to planning, performing, and reporting on a SOC 1 engagement. Successfully implement changes in AT-C section 320 arising from the issuance of SSAE 18, which is effective for reports dated on or after May 1, 2017. Determine how to describe the matter giving rise to a modified opinion by providing over 20 illustrative paragraphs for different situations. Understand the kinds of information auditors of the financial statements of user entities need from a service auditor's report. Implement the requirement in SSAE No. 18 to obtain a written assertion from management of the service organization. Organize and draft relevant sections of a type 2 report by providing complete illustrative type 2 reports that include the service auditor’s report, management’s assertion, the description of the service organization’s system, and the service auditor’s description of tests of controls and results. Develop management representation letters for SOC 1 engagements.

Updated as of January 1, 2018, this guide includes relevant guidance contained in applicable standards and other technical sources. It explains the relationship between a service organization and its user entities, provides examples of service organizations, describes the description criteria to be used to prepare the description of the service organization’s system, identifies the trust services criteria as the criteria to be used to evaluate the design and operating effectiveness of controls, explains the difference between a type 1 and type 2 SOC 2 report, and provides illustrative reports for CPAs engaged to examine and report on system and organization controls at a service organization. It also describes the matters to be considered and procedures to be performed by the service auditor in planning, performing, and reporting on SOC 2 and SOC 3 engagements. New to this edition are: Updated for SSAE No. 18 (clarified attestation standards), this guide has been fully conformed to reflect lessons learned in practice Contains insight from expert authors on the SOC 2 working group composed of CPAs who perform SOC 2 and SOC 3 engagements Includes illustrative report paragraphs describing the matter that gave rise to the report modification for a large variety of situations Includes a new appendix for performing and reporting on a SOC 2 examination in accordance with International Standards on Assurance Engagements (ISAEs) or in accordance with both the AICPA’s attestation standards and the ISAEs

Updated as of January 1, 2018, this guide includes relevant guidance contained in applicable standards and other technical sources. It explains the relationship between a service organization and its user entities, provides examples of service organizations, describes the description criteria to be used to prepare the description of the service organization’s system, identifies the trust services criteria as the criteria to be used to evaluate the design and operating effectiveness of controls, explains the difference between a type 1 and type 2 SOC 2 report, and provides illustrative reports for CPAs engaged to examine and report on system and organization controls at a service organization. It also describes the matters to be considered and procedures to be performed by the service auditor in planning, performing, and reporting on SOC 2 and SOC 3 engagements. New to this edition are: Updated for SSAE No. 18 (clarified attestation standards), this guide has been fully conformed to reflect lessons learned in practice Contains insight from expert authors on the SOC 2 working group composed of CPAs who perform SOC 2 and SOC 3 engagements Includes illustrative report paragraphs describing the matter that gave rise to the report modification for a large variety of situations Includes a new appendix for performing and reporting on a SOC 2 examination in accordance with International Standards on Assurance Engagements (ISAEs) or in accordance with both the AICPA’s attestation standards and the ISAEs

Designed to cover the complexities of SOC 1 reports and employee benefit plans, this practice aid describes how a SOC 1 report should be considered in the audit of an employee benefit plan and what audit procedures should be applied to the information in the SOC 1 report.

Internal and external forces such as globalization, global interconnectivity, automation, and other technological advancements are making today’s supply chains highly sophisticated and complex. For organizations that produce, manufacture or distribute products, there’s often a high level of interdependence and connectivity with their suppliers and their customers and business partners. Although the interconnectedness of these organizations can be beneficial (increased revenues, expanded market opportunities, and cost reduction), the ability of organizations to meet their goals is often increasingly dependent on events, processes, and controls that are not visible and are often beyond their control – such as a supplier’s controls. That’s why the demand for transparency in supply chains is now higher than ever before, and why this is the perfect time for you to help organizations assess their supply chain risks, evaluate the system controls within their manufacturing, production, or distribution systems, and communicate their supply chain management efforts to those with whom they do business. Accountants and financial managers can also increase the credibility of the supply chain information communicated by the organization by providing an opinion on the organization’s supply chain efforts. This guide enables the accountant and financial manager to examine and report on the description of a system for manufacturing, producing and distributing goods as well as on the controls within that system using a dynamic, proactive, and agile approach. It will show how to conduct this examination in accordance with the attestation standards. The guide may also be helpful when providing readiness assessments to clients, who are not quite ready for an examination level service and need help to get there. The guide also includes excerpts from the two distinct, but complementary sets of criteria developed by the AICPA to assist practitioners with SOC for Supply Chain engagements: the description criteria and the 2017 trust services criteria.

Whether you are a financial statement preparer or auditor, it is critical to understand the complexities of the specialized accounting and regulatory requirements for investment companies. This 2018 guide provides authoritative how-to accounting and auditing advice, including implementation guidance and illustrative financial statements and disclosures. This guide is the industry standard resource, supporting practitioners in a constantly changing industry landscape packed with continuous regulatory developments. Updates include: References to appropriate AICPA Technical Questions and Answers that address when to apply the liquidation basis of accounting. Appendices discussing the new standards for financial instruments, leases and revenue recognition. Appendices discussing common or collective trusts and business development companies.

Whether you are a financial statement preparer or auditor, it is critical to understand the complexities of the specialized accounting and regulatory requirements for investment companies. Your industry standard resource, this 2019 edition supports practitioners in a constantly changing industry landscape. Packed with continuous regulatory developments, this guide covers: Authoritative how-to accounting and auditing advice, including implementation guidance and illustrative financial statements and disclosures; Details on the changes to illustrated financial statements and disclosures resulting from guidance that was recently-issued or became recently effective (for example, SEC's release, "Disclosure Update and Simplification"); 2019 updates include:References to appropriate AICPA Technical Questions and Answers that address when to apply the liquidation basis of accounting and appendices discussing the new standard for financial instruments, common or collective trusts and business development companies. Finally, this guide features a schedule of changes which identifies where to find updated content and the associated reasons for the changes.