These controls are usually delineated SOC reports within their own report sub-section and/or next to the control objectives they relate. When reviewing SOC reports, user entities should review all CUECs where the user entity must perform certain controls. User entities are not covered by it and should develop their own contingency plan. Contingency Plan – The service organization’s contingency plan is applicable to its operations only.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |