![]() ![]() This method is often used in conjunction with other, more reliable methods. Inquiry: Simply, the auditor asks appropriate management and staff about the controls in place at the service organization to determine some relevant information.These methods include (listed in order of complexity from lowest to highest): inquiry, observation, examination or inspection of evidence, re-performance, and computer assisted audit technique (CAAT). ![]() There are five main methods to walk through and test each control in place at the service organization. Below we have outlined the five testing methods used for testing controls as part of a SOC examination. There are a number of different ways to confirm, or test, that a control is working. So once the controls are identified how do you confirm they are working? That is where a test of control comes in. These controls will demonstrate to their clients that the services they are providing or their environment is safe and secure. When performing a SOC examination, we are helping our clients identify the controls that they have, or need to implement. ![]() Each control objective or criteria has a number of supporting controls that are walked through and tested, and this is accomplished using a variety of testing methods/procedures. Type 2 SOC engagements (for both SOC 1 audits and SOC 2 audits) require walkthroughs and testing of the controls in place at the service organization to be able to opine on the suitability of the design and the operating effectiveness of controls during the period under review. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
December 2022
Categories |