Third Party Reporting © 2008 Ernst & Young LLP. All rights reserved. For Internal Use Within EY Only; Not for Distribution to Clients. Third Party Reporting.

Slides:



Advertisements
Similar presentations
Assurance Services Independent professional services that “improve the quality of information, or its context, for decision makers” Assurance service encompass.
Advertisements

International Federation of Accountants Professional Perspectives Through IFAC Initiatives: An International Auditing and Assurance Standards Board Perspective.
ISA Implementation Support Module Prepared by IAASB Staff October 2010 Written Representations.
©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley The CPA Profession Chapter 2.
SERVICE ORGANIZATION CONTROL REPORTS SM Formerly SAS 70 Reports.
Office of the Auditor General of Canada CANADA’S ADOPTION OF INTERNATIONAL STANDARDS ON AUDITING 20 FACTS PREPARERS of FINANCIAL STATEMENTS SHOULD KNOW.
March 6, 2012 SOC Reporting: What is New in the Audit Guides?
Chapter 20 Additional Assurance Services: Other Information
Assurance Services and Auditing Research Chapter 8.
Assurance, Attestation, and Internal Auditing Services
The Role of the Public Accountant in the American Economy
The Role of the Public Accountant in the American Economy.
McGraw-Hill/Irwin © 2003 The McGraw-Hill Companies, Inc., All Rights Reserved Chapter 21 CHAPTER 21 ASSURANCE, ATTESTATION, AND OTHER FORMS OF SERVICES.
Assurance Services and Auditing Research Chapter 8.
Module A1 Other Public Accounting Services ACCT 4080.
International Auditing and Assurance Standards Board Accounting Estimates, Including Fair Value Accounting Estimates, and Related Disclosures ISA Implementation.
©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley Other Assurance Services Chapter 24.
Auditing A Risk-Based Approach To Conducting A Quality Audit
18- 1 © 2006 The McGraw-Hill Companies, Inc., All Rights Reserved. Chapter 18 Integrated Audits of Internal Control (For Public Companies Under Sarbanes-Oxley.
Nature of an Integrated Audit
The Camp Audit “Keep your friends close and your auditor closer”
ISA Implementation Support Module Prepared by IAASB Staff October 2010 Materiality, Misstatements and Reporting – Part III.
SAS No. 70 BADM 559 Jong Choi. Overview of SAS 70 Definition ▫SAS 70 helps service auditors to assess operational and technical controls of a service.
International Auditing and Assurance Standards Board Communicating Deficiencies in Internal Control to Those Charged with Governance and Management ISA.
Navigating Guidance Changes for Service Organization Control (SOC) Reports NSAA 2011 Annual Conference Deloitte & Touche LLP June 16, 2011.
Impact of the New Clarity Standards on Governmental Audits Presented by Beila Sherman, CPA and Enrique Llerena, CPA.
Service Organization Control (SOC) Reporting Options and Information
The CPA Profession Chapter 2 By Arens et. al. Learning Objective 1 Describe the nature of CPA firms, what they do, and their structure.
International Auditing and Assurance Standards Board Audits of Group Financial Statements ISA Implementation Support Module Prepared by IAASB Staff November.
PwC Internal Control Reports: Facts, Myths and Best Practices FIRMA National Risk Management Training Conference – San Francisco, CA Wednesday March 31,
New Auditing Standards Laurie Ball, CPA Swenson Advisors, LLP (Murrieta) Audit Director Accounting Day May 12, 2008.
International Auditing and Assurance Standards Board Communication with Those Charged with Governance ISA Implementation Support Module Prepared by IAASB.
Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
1 The Impact of SAS 112 on Governmental Financial Statement Audits GAQC Member Conference Call January 4, 2007 Presented by Chuck Landes, CPA.
Assurance Report on Controls at Service Organizations SAE 3402
Chapter 19 Additional Assurance Services: Historical Financial Information McGraw-Hill/Irwin Copyright © 2014 by The McGraw-Hill Companies, Inc. All rights.
Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
Presentation Subject Header OVERVIEW OF THE ED - ISRS 4410 Presenter: Ashif Kassam Group Chief Executive, RSM Ashvir.
Chapter 20 Additional Assurance Services: Other Information McGraw-Hill/IrwinCopyright © 2014 by The McGraw-Hill Companies, Inc. All rights reserved.
Semaan, Gholam & Co.1 MANAGEMENT REPRESENTATIONS INTERNATIONAL STANDARD ON AUDITING 580.
ISSAI 400 Compliance Auditing
McGraw-Hill/Irwin Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved.
Auditor’s Professional Roles and Responsibilities.
International Federation of Accountants April 28, 2009 Impact Assessment Process for IFAC Linda Lach and Alta Prinsloo.
Service Organization Controls (SOC) Overview Shared Assessment Member Forum Presentation April 10, 2012.
Acumen insight ideas attention reach expertise depth agility talent SAS 70 – Readiness Kick-off Presented by Rod Walsh.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin 2-1 Chapter Two The Financial Statement Auditing Environment.
18-1 Copyright © 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
Field Work Laws and Regulations. Field Work Laws and Regulations This is one of a series of mini – modules designed to give the auditor guidance in the.
ICAJ/PAB - Improving Compliance with International Standards on Auditing Planning an audit of financial statements 19 July 2014.
Prepared for Auditor’s Report to the Board of Education June 30, 2015.
Audit Reports Chapter 3. Audit Reports What is an audit report? Different reporting guidelines exist depending on the type of company upon which the auditor.
SAS No. 70, Service Organizations A standard for reporting on a service organization’s controls affecting user entities' financial statements. Only for.
©2005 Prentice Hall Business Publishing, Auditing and Assurance Services 10/e, Arens/Elder/Beasley Other Assurance Services Chapter 25.
Service Organization Control Reports What Have We Learned? Chris Bruhn DIRECTOR, IT RISK SERVICES, BKD, LLP SAS 70 ENDS EXIT TO SSAE 16.
Improving Compliance with ISAs Presenters: Al Johnson & Pat Hayle.
IFAC-FEE Practitioners Symposium
Chapter 19 Additional Assurance Services: Historical Financial Information McGraw-Hill/Irwin Copyright © 2014 by The McGraw-Hill Companies, Inc. All rights.
Service Organization Control (SOC)
Professional Standards
Chapter 20 Additional Assurance Services: Other Information
IAASB Possible Actions Regarding Less Complex Entities
EER Assurance September 2018
Alignment of Part 4B with ISAE 3000
Other Assurance Services
Chapter 20 Additional Assurance Services: Other Information
Chapter 20 Additional Assurance Services: Other Information
ISA Implementation Support Module
EER Assurance December 2018
Alignment of Part 4B with ISAE 3000
Presentation transcript:

Third Party Reporting © 2008 Ernst & Young LLP. All rights reserved. For Internal Use Within EY Only; Not for Distribution to Clients. Third Party Reporting New International Audit Standard for Service Auditor’s Reports – ISAE 3402 James Merrill – Ernst & Young LLP

Third Party Reporting 2 Agenda Background Comparison of ISAE 3402 to SAS 70 Planning Considerations

Third Party Reporting 3 Historical Perspective AICPA set initial standard with SAS No. 70 in 1990s Other countries have issued similar standards –Japan – ASCR 18 –UK – FRAG 21/94 –Others – Australia, Hong Kong US Congress’ Sarbanes-Oxley Act in 2002 significantly increased demand for SAS 70 reports International Federation of Accountants (IFAC) issued user’s guide to service auditor’s reports in 2004

Third Party Reporting 4 New Standard – Timeline of IFAC IFAC’s International Accounting and Auditing Standards Board (IAASB) recognized a need for consistent service auditor’s reports on an international basis in 2006 IAASB developed ISAE 3402 in 2007 –Started with SAS 70 standard –Exposure draft issued January 2008 –Coordinating with local country standards setting organizations –Effective in late 2009

Third Party Reporting 5 Similarities Between ISAE 3402 & SAS 70 Major elements of SAS 70 adopted by the IAASB –Type 1 and Type 2 reports (now Type A and Type B) –Description of controls prepared by service organization –List of controls specified and tested –Provision for carve-out and inclusive sub-servicers –Use of internal audit is permitted Helps to minimize transition efforts Easier training for service organization staff, auditors, and users of such reports

Third Party Reporting 6 Differences Between ISAE 3402 & SAS 70 Change to an attestation standard –Service organization attests to the existence and operating effectiveness of controls in the report –Auditor opines on the subject matter supporting the assertions Service auditor required to assess the reasonableness of management’s criteria used to develop the control objectives and controls –Criteria must be specific, measurable, and relevant to users’ intended reliance on the report

Third Party Reporting 7 Planning Considerations – ISAE 3402 Assertions –Included in the report after the service auditor’s opinion –In addition to the letter of representations between the auditor and the service organization –Examples provided by IAASB in ISAE 3402 Appendices

Third Party Reporting 8 Assertions by Management – ISAE 3402 Focus on existing systems and user organizations Confirms to user of the report: –Description of controls is fairly presented –Does not distort or omit information relevant to intended users –Controls were suitably designed and operated effectively –The criteria used to make the assertion are appropriate. Signed by business process owners

Third Party Reporting 9 Distribution of the Report – ISAE 3402 Intended Users and Purpose This report and the description of tests of controls on pages [yy-zz] are intended only for existing customers of XYZ Service Organization’s [type or name of] system, and their auditors, who have a sufficient understanding to consider it, along with other information including information about controls operated by customers themselves, when assessing the risks of material misstatements of customers’ financial statements. [Service auditor’s signature] [Date of the service auditor’s assurance report]

Third Party Reporting 10 Planning Considerations – ISAE 3402 Planning objectives: –Developing relevant assertions –Identifying relevant criteria for control objectives –Identifying other changes to report content Project management for transition is necessary –Designated service organization staff for best results

Third Party Reporting 11 Planning Considerations – AICPA Standards Awareness of new AICPA attest standard –Replaces SAS 70 with two new standards ISA 402 ISAE 3402 –Expected implementation year is 2010 –Similar in scope and content to ISAE 3402 –Parallel planning effort necessary by service organizations

Third Party Reporting 12 IAASB Feedback Period IAASB welcomes feedback during “comment period” –Encourages industry reaction and feedback –ISA 402 (user auditor’s use of the report) feedback due April 30, 2008 –ISAE 3402 (reporting standard) feedback due May 31, 2008 –Respond directly to IAASB in New York City –Document Address: Details.php?EDID=0099

Third Party Reporting 13

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.