CHAPTER 26
E-Business for Not-for-Profit Organizations
How Can Not-for-Profits Manage the Risks to Maximize E-Business Opportunities?
26.1 Whether You Call It E-Business or Technology-Enabled Business, It Still Matters
26.2 Ask Yourself These Questions
26.7 How Are Not-for-Profit Organizations Using E-Business Today?
26.1 Whether You Call It E-Business or Technology-Enabled Business, It Still Matters
p. 473. Add the following paragraph to appear before the first full paragraph on the page:
When entering into an agreement with an ASP for software-based services and solutions, the user of the ASP can request the ASP's third-party assurance report to gain an understanding of the design and operation of controls. There are three standards governing the Service Organization Control (SOC) reports: SSAE16/ISAE3402 (SOC1), AT101 (SOC2), and Trust Services (SOC3). When an organization uses an ASP to support financially related activities (e.g., payroll, disbursement of financial aid, etc.), an SSAE16/ISAE3402 would typically be requested to understand the design and operation of controls at the ASP. If an organization uses an ASP to support a function beyond financial reporting (e.g., regulatory compliance, privacy, sustainability, etc.), an AT101 would typically be requested to understand the design and operation of controls. The Trust Services (SOC3) standard relates to situations where the ASP has been engaged for services relevant to security, availability, processing ...
Get Financial and Accounting Guide for Not-for-Profit Organizations, Eighth Edition 2014 Supplement now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
