|Available Formats:||See All|
This resource presents measurement criteria for use when providing attestation or consulting services to evaluate controls relevant to the security, availability, and processing integrity of a system, and the confidentiality and privacy of the information processed by the system.
The guidance was established by the Assurance Services Executive Committee (ASEC) of the AICPA, and is necessary when performing Service Organization Control -SOCSM 2 and SOCSM 3 engagements.
This edition improves clarity and eliminates redundancy, and updates the criteria based on the changing technology and business environment. The most significant changes include:
The trust services principles and criteria are effective for periods ending on or after December 15, 2014. Early implementation is permitted.