What are the AICPA trust service criteria?

The AICPA Trust Services Criteria are a set of control criteria established by the AICPA’s Assurance Services Executive Committee (ASEC). These criteria are used to evaluate and report on the controls over the following five categories:

  1. Security: Protecting information and systems against unauthorized access.
  2. Availability: Ensuring that information and systems are available for operation and use as committed or agreed.
  3. Processing Integrity: Ensuring that system processing is complete, valid, accurate, timely, and authorized.
  4. Confidentiality: Protecting information designated as confidential.
  5. Privacy: Protecting personal information collected, used, retained, disclosed, and disposed of in conformity with the commitments in the entity’s privacy notice.

These criteria are essential for organizations to demonstrate their commitment to maintaining robust controls over their information systems and data.

Shopping Cart