contact us  |  print  |  français  |  log in
my downloads
pay an invoice
my account
Accounting & assurance
Business & finance
CPA Canada Handbook
Information technology
Practice management
Risk & governance
Tax
Other
in all formats

CPA Canada Guide SOC 2® Reporting on Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality, or Privacy

CPA Canada Guide SOC 2® Reporting on Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality, or Privacy - This product is available in the following media types: Download (eBook)(en anglais seulement)

CPA Canada Guide SOC 2® Reporting on Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality, or Privacyis a practical resource for practitioners engaged to report on the privacy and security of a service organization’s systems

Take your guides with you on your eReader, laptop, smartphone or tablet. SOC Guides are available in convenient and searchable eBook format!

*Special Member Pricing will be displayed for CPA Canada members upon login


ItemItem no.PriceQuantity
Download (eBook)Download (eBook) 
71550005$105.00
add to cart   
Prices may change without notice. User license policies
 

GUIDANCE FOR CANADIAN PRACTITIONERS ENGAGED TO REPORT ON CONTROLS AT A SERVICE ORGANIZATION

SOC 2 is a practical resource for practitioners engaged to report on service organization’s controls relevant to security, availability, processing integrity, confidentiality, or privacy. The engagement described in this guide is based on the requirements and application material set out in the CPA Canada Handbook – Assurance and specifically Canadian Standard on Assurance Engagements (CSAE) 3000, Attestation Engagements Other than Audits or Reviews of Historical Financial Information. CSAE 3000 deals with assurance engagements other than audits of financial statements and other historical financial information performed by practitioners.

This guide is a non-authoritative resource which has been adapted by CPA Canada from the AICPA version to meet Canadian standards. SOC 2 engagements are designed to assist Canadian practitioners engaged to report on a service organization’s controls over one or more of the following:

  • The security of a service organization’s system
  • The availability of a service organization’s system
  • The processing integrity of a service organization’s system
  • The confidentiality of the information that the service organization’s system processes or maintains for user entities
  • The privacy of personal information that the service organization collects, uses, retains, discloses, and disposes of for user entities

KEY TOPICS INCLUDE:

  • non-authoritative guidance on performing and reporting on SOC 2 and SOC 3 engagements
  • understanding the difference between a type 1 and type 2 SOC 2 report
  • illustrative management statements and management representation letters
  • illustrative service auditor’s reports, including reporting in accordance with both Canadian and International or US standards
  • 2018 Description Criteria for a Description of a Service Organization’s System in a SOC 2 Report
  • 2018 Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy

This Guide considers standards issued up to March 1, 2019

RELATED PUBLICATIONS

SOC for Cybersecurity: CPA Canada Guide - Reporting on an Entity's Cybersecurity Risk Management Program and Controls

The 2019 CPA Canada SOC 1 Guide


ISBN: 978-1-55385-762-4
Publication Date: June 2019

Terms and Conditions | Privacy Policy | Shipping and Store Policies | AODA | Anti-Harassment Policy | Advocacy | Vulnerability Disclosure

Help Desk: Mon-Fri, 9am-5pm ET | 1-866-256-6842 | Contact us

© 2001-2023, CPA Canada | EYEP. All rights reserved.