(As of March 1, 2020)

About AICPA Guides

This AICPA Guide, Reporting on an Examination of Controls Relevant to Security, Availability, Processing Integrity, Confidentiality, or Privacy in a Production, Manufacturing, or Distribution System, has been developed by members of the SOC for Supply Chain Working Group of the AICPA Assurance Services Executive Committee (ASEC) in conjunction with members of the Auditing Standards Board (ASB).

The purpose of the guide is to assist practitioners engaged to examine and report on a system that produces, manufactures, or distributes products, including controls over one or more of the following:

  1. The security of the entity's system
  2. The availability of the entity's system
  3. The processing integrity of the entity's system
  4. The confidentiality of the information that the entity's system processes or maintains for customers and business partners
  5. The privacy of personal information that the entity's system collects, uses, retains, discloses, and disposes of for customers and business partners

An AICPA Guide containing attestation guidance is recognized as an interpretive publication as described in AT‐C section 105, Concepts Common to All Attestation Engagements.1 Interpretative publications are recommendations on the application of Statements on Standards for Attestation Engagements (SSAEs) in specific circumstances, including engagements for entities in specialized industries. Interpretive publications are issued under the authority ...

Get SOC for Supply Chain now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.