AT-C 320 - Reporting on an Examination of Controls (SOC 1)

AT-C 320 establishes the requirements for CPA firms to issue a SOC 1 report on a service organization's controls that affect user entities' financial reporting. It specifies the content, structure and auditor's opinion, including a description of the controls, testing performed and results, to help users evaluate the reliability of outsourced financial processes.