Appendix CIllustrative Management Assertion in a SOC for Supply Chain Examination

[ABC Entity's Letterhead]

Assertion of ABC Entity Management

Introduction

We have prepared the accompanying description of ABC Entity's [name or type of system] titled [insert title of the description] throughout the period [date] to [date] (description) based on the criteria for a description of a company's sys‐ tem in DC section 300, 2020 Description Criteria for a Description of an Entity's Production, Manufacturing, or Distribution System in a SOC for Supply Chain Report, in AICPA Description Criteria (description criteria). The description is intended to provide report users with information about the system, includ‐ ing the effectiveness of controls stated therein, that may be helpful when as‐ sessing their risks arising from ABC Entity's manufacture and distribution of widgets.

We have also evaluated whether the controls stated in the description, which are necessary to provide reasonable assurance that ABC Entity achieved its principal system objectives, were effective throughout the period [date] to [date] based on the trust services criteria relevant to security and availability (appli‐ cable trust services criteria) set forth in TSP section 100, 2017 Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality, and Pri‐ vacy, in AICPA Trust Services Criteria.1

Assertion ...

Get SOC for Supply Chain now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.