SOC for supply chain : reporting on an examination of controls relevant to security, availability, processing integrity, confidentiality, or privacy in a production, manufacturing, or distribution system Guide /
Internal and external forces such as globalization, global interconnectivity, automation, and other technological advancements are making today's supply chains highly sophisticated and complex. For organizations that produce, manufacture or distribute products, there's often a high level o...
Clasificación: | Libro Electrónico |
---|---|
Autor Corporativo: | |
Formato: | Electrónico eBook |
Idioma: | Inglés |
Publicado: |
[Hoboken] :
Wiley,
[2020]
|
Colección: | AICPA guide
|
Temas: | |
Acceso en línea: | Texto completo (Requiere registro previo con correo institucional) |
Tabla de Contenidos:
- Cover
- Title Page
- Copyright Page
- Preface
- Table of Contents
- Chapter 1 Introduction and Background
- Introduction
- Intended Users of a SOC for Supply Chain Report
- Overview of a SOC for Supply Chain Examination
- Contents of the SOC for Supply Chain Report
- Defining the System to Be Examined
- The Entity's System Objectives and Principal System Objectives
- Selecting the Trust Services Category or Categories to Be Addressed by the Examination
- Determining the Time Frame for the Examination
- Other Engagement Considerations
- Considerations for Entities That Distribute Products
- Considerations for Entities That Bundle Services With Their Products
- Considerations for a Design-Only Examination
- Matters Not Addressed by a SOC for Supply Chain Examination
- Criteria for a SOC for Supply Chain Examination
- Description Criteria
- Trust Services Criteria
- Evaluating the Entity's Principal System Objectives
- The Practitioner's Opinion in a SOC for Supply Chain Examination
- Other Types of SOC Examinations: SOC Suite of Services
- Professional Standards
- Attestation Standards
- Code of Professional Conduct
- Quality in the SOC for Supply Chain Examination
- Definitions
- Chapter 2 Accepting and Planning a SOC for Supply Chain Examination
- Introduction
- Understanding Entity Management's Responsibilities
- Entity Management's Responsibilities Prior to Engaging the Practitioner
- Entity Management's Responsibilities During the Examination
- Entity Management's Responsibilities During Engagement Completion
- Responsibilities of the Practitioner
- Engagement Acceptance and Continuance
- Independence
- Competence of Engagement Team Members
- Preconditions of the Engagement
- Determining the Appropriateness of the Subject Matter
- Identifying the Components of the System to be Examined
- Determining the Boundaries of the System Being Examined
- Determining Whether Entity Management Is Likely to Have a Reasonable Basis for Its Assertion
- Assessing the Suitability and Availability of Criteria
- Determining Whether the Entity's Principal System Objectives Are Reasonable in the Circumstances
- Requesting a Written Assertion and Representations From Entity Management
- Agreeing on the Terms of the Engagement
- Accepting a Change in the Terms of the Examination
- Establishing an Overall Examination Strategy for and Planning the Examination
- Performing Risk Assessment Procedures
- Obtaining an Understanding of the Description of the Entity's System and Control Effectiveness
- Assessing the Risks of Material Misstatement
- Considering Materiality During Planning
- Considering Entity-Level Controls
- Understanding the Internal Audit Function
- Planning to Use the Work of a Practitioner's Specialist
- Identifying Customer Responsibilities and Complementary Customer Controls
- Identifying Suppliers and Complementary Supplier Controls