Focuses on the impact of ssae 18 on soc 1 examinations and the re codified attestation standards specifically at c section 105 and at c section.
Ssae 18 control objectives list.
Since ssae 18 has effectively replaced ssae 16 and also sas 70 and because the ssae 18 controls and related assertions need to be based on relevant internal control over financial reporting icfr service organizations need to constructively re think their control objectives.
Are necessary to achieve the control objectives stated in management s description of the system when the carve out method of reporting has been used.
Entity s internal control over financial reporting that is integrated with an audit of its financial statements and related attestation interpretation no.
The aicpa s control objective definition provided in ssae 18 is the aim or purpose of specified controls at the service organization.
Moving to ssae 18.
Control objectives address the risks that controls are intended to mitigate.
Developing soc 1 ssae 18 control objectives that are related to the icfr concept is critical.
Updated as of january 1 2018 the soc 2 guide provides how to guidance for service auditors performing examinations under ssae 18 clarified attestation standards to report on a service organization s controls over its system relevant to security availability processing integrity confidentiality or privacy.