ExpertHard1 markMultiple Choice
CPA · Question 51 · Area III: SOC Engagements
Which of the following is a 'Management Assertion' required in a SOC 2® report?
Which of the following is a 'Management Assertion' required in a SOC 2® report?
Answer options:
A.
Assertion that the financial statements are free of material misstatement.
B.
Assertion that the controls were suitably designed and operated effectively to achieve the service commitments.
C.
Assertion that the company is profitable.
D.
Assertion that no fraud occurred.
How to approach this question
Management asserts (claims) the controls work. The auditor tests that claim.
Full Answer
B.Assertion that the controls were suitably designed and operated effectively to achieve the service commitments.✓ Correct
Assertion that the controls were suitably designed and operated effectively to achieve the service commitments.
Management must provide a written assertion accompanying the system description, stating that the controls were suitably designed (Type I) and operated effectively (Type II) to meet the criteria.
Common mistakes
Confusing with financial assertions.
Practice the full CPA ISC Practice Exam 4
82 questions · hints · full answers · grading
More questions from this exam
Q01A CPA is advising a client who is migrating their legacy on-premise ERP system to a cloud environ...HardQ02An auditor is reviewing the Service Level Agreement (SLA) for a client using a public cloud provi...HardQ03A company uses an Infrastructure as a Service (IaaS) model. During an IT audit, the auditor disco...HardQ04An organization is implementing the COSO Enterprise Risk Management (ERM) framework to govern its...HardQ05During a walkthrough of an order-to-cash process, the auditor observes that the sales manager can...Hard