In May 2011, the American Institute of Certified Public Accountants issued a new set of guidelines known as Service Organisation Controls-2 (SOC-2) report, which outlines criteria for the security, availability, processing integrity, privacy and confidentiality of a service organisation’s systems and processes. Organisations that outsource functions, not relevant to financial statements, can request an SOC-2 report to assure themselves that they have requisite controls in place. The report is similar to the older SAS 70 […]
governance and risk
1 post