An audit designed to assess and report on controls at a service organization relevant to the criteria set forth by the American Institute of Certified Public Accountants regarding security, availability, processing integrity, confidentiality, or privacy.