ExpertMedium1 markMultiple Choice
CPA · Question 70 · Area III: SOC Engagements
What are 'Complementary User Entity Controls' (CUECs)?
What are 'Complementary User Entity Controls' (CUECs)?
Answer options:
A.
Controls performed by the service auditor.
B.
Controls that the service organization assumes the user entity will implement to achieve the control objectives.
C.
Controls at the subservice organization.
D.
Redundant controls.
How to approach this question
User Entity = Customer. Complementary = Completes the picture.
Full Answer
B.Controls that the service organization assumes the user entity will implement to achieve the control objectives.✓ Correct
Controls that the service organization assumes the user entity will implement to achieve the control objectives.
CUECs are controls that the service organization cannot perform (e.g., user access reviews at the client side) but are necessary for the overall control objective to be met. They are listed in the report for the user to implement.
Common mistakes
Confusing CUECs with CSOCs (Complementary Subservice Organization Controls).
Practice the full CPA ISC Practice Exam 5
82 questions · hints · full answers · grading
More questions from this exam
Q01A service organization provides a cloud-based payroll processing application to its user entities...MediumQ02An auditor is reviewing the shared responsibility model for a client using an Infrastructure as a...HardQ03A financial institution requires a cloud deployment model that offers the highest level of contro...MediumQ04During an IT audit, you observe that a company uses a 'Hybrid Cloud' architecture. Which scenario...MediumQ05Which component of IT architecture is primarily responsible for translating domain names (like ww...Easy