Diagram of icons floating above open laptop computer with one hand resting on keyboard.

System and organization controls (SOC) 1: Reporting on controls at a service organization (Guide)

This guide will help you audit a service organization's controls relevant to user entities' internal control over financial reporting.

Explore the updated SOC 1® Guide, a non-authoritative resource which we have adapted from the AICPA version to meet Canadian standards. It is intended for practitioners who are engaged to report on a service organization's controls relevant to user entities' internal control over financial reporting.

Key topics:

non-authoritative guidance on performing and reporting on SOC 1 engagements
understanding the difference between type 1 and type 2 SOC 1 report
illustrative management statements and management representation letters
illustrative service auditor's reports, including reporting in accordance with both Canadian and international, or Canadian and US standards

System and organization controls (SOC) 1: Reporting on controls at a service organization (Guide)

Key topics:

About CPA Canada

Become a CPA

My CPA Canada