CC3.3
Considers fraud in risk assessment
SecurityNot implementedStale reviewSecurity (Common Criteria)
Control description
AICPA Trust Services Criteria
The entity considers the potential for fraud in assessing risks to the achievement of objectives.
Auditor test plan
How this is tested during the audit
Auditor expects a documented fraud-risk assessment covering financial reporting, asset misappropriation, and data exfiltration paths.
Evidence
No evidence on file yet
No evidence attached
Upload at least one artifact before the audit window opens.
Last reviewed
210d
Stale — reset before audit
Evidence on file
0
Owner
DS
Director, Security
Accountable for design + operating effectiveness
Status timeline
Recent control history
Last reviewed by Director, Security
210d ago
Owner assigned
217d ago
Control identified as missing
231d ago