SOC Reports, Controls, and Assurance Flashcards

0.0(0)
studied byStudied by 0 people
linked notesView linked note
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
Card Sorting

1/23

flashcard set

Earn XP

Description and Tags

Flashcards for SOC reports, controls, and assurance based on lecture notes.

Study Analytics
Name
Mastery
Learn
Test
Matching
Spaced

No study sessions yet.

24 Terms

1
New cards

SOC 1 Report

Reports on controls at a service organization relevant to user entities' internal control over financial reporting (ICFR).

2
New cards

SOC 1 Report Audience

Restricted to service organization management, user entities, and user auditors only.

3
New cards

SOC 1 Type 1 Report

Reports on the design of controls as of a specific date.

4
New cards

SOC 1 Type 2 Report

Reports on both the design and operating effectiveness of controls over a period.

5
New cards

SOC 2 Report

Evaluates controls related to security, availability, processing integrity, confidentiality, and privacy.

6
New cards

SOC 3 Report

A general use report on trust services criteria that can be freely distributed.

7
New cards

Management’s Assertion

One of the five sections in both SOC 1 and SOC 2 reports.

8
New cards

Auditor’s Report

One of the five sections in both SOC 1 and SOC 2 reports.

9
New cards

System Description

One of the five sections in both SOC 1 and SOC 2 reports.

10
New cards

Auditor’s Tests of Controls

One of the five sections in both SOC 1 and SOC 2 reports.

11
New cards

Other Info from Service Org

One of the five sections in both SOC 1 and SOC 2 reports.

12
New cards

AT-C 320

Focused on reporting on an examination of controls at a service organization relevant to ICFR.

13
New cards

Limited Assurance

A level of assurance that is less than reasonable assurance.

14
New cards

Professional Skepticism

An attitude that includes a questioning mind and a critical assessment of audit evidence.

15
New cards

Internal Auditors' Work in Attestation

Their work may be used by the practitioner if deemed reliable, to gain understanding and gather evidence.

16
New cards

Materiality in SOC Reports

A concept that determines the significance of misstatements or control deficiencies.

17
New cards

Control Objectives

Define what controls aim to achieve.

18
New cards

Control Activities

The actual procedures in place to meet control objectives.

19
New cards

Reasonable Assurance

A high level of assurance that the subject matter is free from material misstatement.

20
New cards

Limited Assurance (Details)

A moderate level of assurance; the practitioner concludes that no material modifications are needed based on procedures performed. (comes from a review)

21
New cards

Positive Expression

An explicit statement that the subject matter conforms with criteria, typically used in reasonable assurance engagements.

22
New cards

Negative Expression

A statement that nothing came to the practitioner's attention to indicate material misstatement, used in limited assurance engagements.

23
New cards

SOC Report with Reasonable Assurance

SOC 1 and SOC 2 reports usually provide reasonable assurance, especially in Type 2 engagements.

24
New cards

SOC 3 Report

For general use, publicly available, and does not contain detailed system or control test descriptions.