In response to market demand and changing business practices — particularly outsourcing and the transition to cloud computing — the American Institute of CPAs (AICPA) in 2010 issued new auditing standards and audit guides that replaced the decades-old SAS 70 standards and audit guide.
The new standards and audit guides, called Service Organization Control (SOC) reports, build on SAS 70 and focus on the misuse of SAS 70 reports for non-intended assurance purposes, align reporting with international standards, and provide more reporting options to address non-financial transaction and reporting subject matter and assurance needs. These new standards went into effect for all reports issued after June 15, 2011.
Why are these changes important to not-for-profits? We’ll answer that and provide more information about the various SOC reports in Mayer Hoffman McCann’s latest issue of the MHM Messenger.