ExpertMedium1 markMultiple Choice
CPA · Question 30 · Area III: SOC Engagements
A CPA is engaged to perform a SOC 1® engagement. Which of the following best describes the subject matter of this engagement?
A CPA is engaged to perform a SOC 1® engagement. Which of the following best describes the subject matter of this engagement?
Answer options:
A.
Controls relevant to the security, availability, and processing integrity of the system.
B.
Controls at a service organization likely to be relevant to user entities' internal control over financial reporting (ICFR).
C.
Controls relevant to the organization's compliance with HIPAA.
D.
A general use report on the organization's cybersecurity risk management program.
How to approach this question
Memorize: SOC 1 = Financial Reporting. SOC 2 = Trust Services (Security, etc.). SOC 3 = Public Summary of SOC 2.
Full Answer
B.Controls at a service organization likely to be relevant to user entities' internal control over financial reporting (ICFR).✓ Correct
B
SOC 1 engagements address internal controls over financial reporting (ICFR). They are intended for user auditors who audit the financial statements of the service organization's clients.
Common mistakes
Thinking SOC 1 is about security (that's SOC 2).
Practice the full CPA ISC Practice Exam
82 questions · hints · full answers · grading
More questions from this exam
Q01A CPA is performing a risk assessment for a client that uses a public cloud provider for its core...HardQ02During a walkthrough of a client's change management process, the auditor notes that developers h...HardQ03A service organization provides a real-time transaction processing platform. The service level ag...HardQ04An auditor is reviewing a SQL query used by the finance team to generate a report of all sales tr...HardQ05A healthcare clearinghouse is preparing for a SOC 2® engagement. They utilize a private cloud dep...Hard