From the course: Cloud Security Operations by Pearson
Join today to access over 25,200 courses taught by industry experts.
Audit controls, reports, and their impact
From the course: Cloud Security Operations by Pearson
Audit controls, reports, and their impact
SSAE stands for the Statement on Standards for Attestation Engagement, and on this exam, we're concerned with number 18, which is a U.S. auditing standard issued by the AICPA, the American Institute of Certified Public Accountants. SSAE addresses engagements carried out by a service auditor for reporting on controls at service organizations. It applies to entities that offer services to users, such as softwares or service providers. Think Salesforce and Workday, when the technical controls are expected to be applicable to a customer's internal financial reporting. Information security is of key concern to enterprises that outsource critical business operations to third party vendors, such as SAS providers. Mishandled data, especially with SAS providers, can leave organizations vulnerable to data theft, extortion, and even ransomware installation. The SSAE number 18 standard is used to produce three types of SOC reports. SOC 1, SOC 2, and SOC 3. On the exam, remember that SOC 2 is the…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
-
-
-
(Locked)
Audit controls, reports, and their impact1m 59s
-
(Locked)
Gap analysis and internal InfoSec management systems2m 41s
-
(Locked)
Policies and stakeholder involvement4m 21s
-
(Locked)
Specialized compliance requirements2m 55s
-
(Locked)
The impact of distributed IT3m 33s
-
(Locked)
Business agreement requirements2m 56s
-
(Locked)
Supply chain management1m 28s
-
(Locked)
-