Companies saving sensitive data or processes in the cloud need assurance that there are controls in place to maintain security. CPAs can play a role by using the AICPA's Service Organization Control Reports. The organization has three SOC reporting options: SOC 1, SOC 2 and SOC 3 reports. The Cloud Security Alliance recently endorsed SOC 2.
Published in Brief: