The Cloud Security Alliance (CSA), a not-for-profit organization that promotes the use of best practices on security assurance within cloud computing, has officially endorsed the American Institute of CPA’s framework for evaluating technology-related controls and other safeguards used by cloud service providers.
The AICPA’s reporting framework, known as Service Organization Control (SOC) Reports was developed in 2011 and consists of three major document types. The first – the SOC 1 report - deals with controls over financial reporting, and replaces the widely used SAS 70 report. The SOC 2 report,focuses on controls that bear on a service provider’s security, processing integrity and operating availability, as well as the confidentiality and privacy of data moving through its systems. SOC 3 is a compressed version of the SOC 2 and is designed for public distribution.
Register or login for access to this item and much more
All Accounting Today content is archived after seven days.
Community members receive:
- All recent and archived articles
- Conference offers and updates
- A full menu of enewsletter options
- Web seminars, white papers, ebooks
Already have an account? Log In
Don't have an account? Register for Free Unlimited Access