This site uses cookies to store information on your computer. Some are essential to make our site work; others help us improve the user experience. By using the site, you consent to the placement of these cookies. Read our privacy policy to learn more.

Service organizations

About this topic

CPAs are expected to maintain a level of competence to meet the profession’s technical and ethical standards, and provide valuable services to the public, employers and clients. Based on the AICPA Competency Framework: Assurance, these learning resources are designed to help you understand the knowledge and skills necessary to perform high-quality compilation, review, attest, and audit engagements. You’ll also find resources here to support your advisory and consulting engagements.

Check your knowledge

Take a knowledge check to evaluate your proficiencies and find related learning resources.

Get started

Introduction to SOC for Service Organizations Reporting

Gain an understanding of system and organization control reporting guidance and common practice issues that will provide you with the foundational knowledge to...

Course – Online Service organizations Foundational

SOC 2® Reporting on an Examination of Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality, or Privacy

Gain an up-to-date, holistic understanding of SOC 2 and SOC 3® examination engagements. This guide will help you understand What goes into planning, performing and...

Publication Service organizations Intermediate

Walkthrough of the Trust Services Criteria

Obtain a foundational understanding of the Trust Services Criteria, the control criteria used to assess system, and organization controls for SOC 2®, SOC 3® and SOC...

Course – Online Cybersecurity Foundational

Advanced SOC for Service Organizations Certificate Exam

Prove your ability to plan, perform and report on SOC 1 and SOC 2 engagements through this timed online exam.

Course – Online Service organizations Advanced

Reporting on an Examination of Controls at a Service Organization Relevant to User Entities' Internal Control Over Financial Reporting (SOC 1(R)) - Guide

Get a deeper understanding of what's required and how to provide best-in-class in service organization control engagements. Glean insight from expert authors and see...

Publication Service organizations Intermediate

Avoid Potholes: For a Smooth Ride to Peer Review

This guide will help you pinpoint areas your firm might need to take a closer look at to ensure quality standards are being met.

Report Peer review Intermediate

Illustrative Type 2 SOC 2 SM Report with the Criteria in the Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM)

This page includes an illustrative SOC 2® Report to assist CPAs in reporting on the suitability of the design and operating effectiveness of a service organization’s...

Article Service organizations Intermediate

SOC 3® Trust Services Report for Service Organizations

This page provides an introduction to SOC 3® reports.

Article Service organizations Foundational

SOC Toolkit for Firms

To help firms navigate this emerging service area, the AICPA has created a number of resources in this helpful toolkit.

Article Service organizations Foundational

Comparison of SOC 1, SOC 2 and SOC 3 Reports

This article contains a detailed comparison of SOC 1®, SOC 2® and SOC 3® Reports.

Article Service organizations Foundational

SOC 2® + Additional Subject Matter

Learn about additional considerations related to SOC 2 reporting.

Article Service organizations Intermediate

SOC 1 ® Report on Controls at a Service Organization Relevant to User Entities’ Internal Control over Financial Reporting

This page provides a summary of the purpose and types of SOC 1 reports.

Article Service organizations Foundational