 |
Journal of Accountancy PodcastAuthor: AICPA & CIMA
The Journal of Accountancy podcast discusses the key issues facing the accounting profession. Language: en-us Genres: Business, Business News, News Contact email: Get it Feed URL: Get it iTunes ID: Get it |
Listen Now...
The risks of quick‑turn SOC engagements and what CPAs should know
Thursday, 30 April, 2026
System and Organization Controls (SOC) reports are examinations performed by CPAs in accordance with the AICPA's Statements on Standards for Attestation Engagements to evaluate the controls over customer data that service organizations such as cloud providers or payroll processors have in place. SOC reports provide independent assurance to the service organization's customers, aka user entities, that those controls are suitably designed and operating effectively. The entrance of technology vendors into the realm of SOC reporting has created some efficiencies, but it also has led to promises of "fast and easy" SOC reports that have raised credibility concerns in the marketplace. In this episode of the Journal of Accountancy podcast, Amy Pawlicki, the AICPA's vice president–Assurance & Advisory Innovation, discusses recent developments affecting SOC engagements. The conversation also highlights what CPAs, service organizations, and report users should watch for to protect trust in SOC reporting. Other resources mentioned in the episode include: A JofA article on ethics risks related to SOC tool providers. The AICPA's SOC landing page. Ethics Staff Insights: Business Arrangements With SOC Tool Providers. What you'll learn from this episode: What SOC reporting is — and why a SOC 2 report is not a certification. How a technology trend is threatening SOC credibility. The ethical risks related to SOC reporting tool vendors. The peer review and the AICPA Code of Professional Conduct requirements for CPAs performing SOC work. Where to find AICPA resources for firms, service organizations, and users.
