Stay Informed
of New Reports
Twitter
Where To Report Waste
Fraud, Abuse, Or Retaliation
Where To Report Waste Fraud, Abuse, Or Retaliation
Recommendation Details
Text of Recommendation
Complete an NFC-specific risk assessment to ensure implementation of key controls relevant to the Payroll financial statement assertion (e.g., through complete and timely SOC 1® reports and/or internal AOC CUECs). If the AOC becomes aware that the content of NFC-related SOC 1® reports will continue to be provided in an untimely manner, AOC management should implement, through its risk assessment, a process to separately identify and assess mitigating and compensating controls to its environment. Additionally, for known control deficiencies at the service and key subservice providers, the AOC should identify compensating control(s) to mitigate the risks within the AOC control environment.
Recommendation Number
4
Recommendation Status
Closed
Significant Recommendation
No
Recommendation Questioned Costs
$0
Recommendation Funds for Better Use
$0