CSA Endorses AICPA Reporting Framework for Evaluating Controls over Cloud Providers
The American Institute of CPA's (AICPA) framework for evaluating technology-related controls and other safeguards used by Cloud service providers has been endorsed by the Cloud Security Alliance (CSA), a not-for-profit organization that promotes the use of best practices on security assurance within Cloud computing.
- The SOC 1 report deals with controls over financial reporting and replaces the widely used SAS 70 report.
- The SOC 2 report focuses on controls that bear on a service provider's security, processing integrity, and operating availability as well as the confidentiality and privacy of data moving through its systems.
- SOC 3 is a compressed version of the SOC 2 and is designed for public distribution.
Voice of the Editor
Which isn’t completely true. I mean, occasionally I drop by when I manage to sneak out of the nonstop frat party over at Going Concern, but I’m mostly a wallflower over there. I’m happy to say that I’ve been given express permission (or explicit orders, if you like) to wander over here to AccountingWEB more often.
Why is that, you might ask? My job is to replace the irreplaceable Gail Perry as Editor-in-Chief. What does that mean? I don’t really know! I think it’ll be fun getting a feel for things, throwing in my own thoughts here and there, and listening to the discussions you’re having about the accounting profession.