SAS No. 70 BADM 559 Jong Choi. Overview of SAS 70 Definition ▫SAS 70 helps service auditors to assess operational and technical controls of a service.

Slides:

Advertisements

Similar presentations

AUDITING : AN OVERVIEW. Auditing defined It is a critical and systematic examination or review of accounting reports, documents, records, procedures and.

Advertisements

Sarbanes-Oxley Act of 2002 UAA – ACCT 316 – Fall 2003 Accounting Information Systems Dr. Fred Barbee.

CHAPTER 1 AUDITING AND THE PUBLIC ACCOUNTING PROFESSION Fall 2007 u What is auditing? u Types of Audits u Independent Auditor Relationships u Services.

©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley The CPA Profession Chapter 2.

Dr. Mohamed A. Hamada Lecturer of Accounting Information Systems Advanced Auditing Lecture 1 Assurance and Attestation Services.

SERVICE ORGANIZATION CONTROL REPORTS SM Formerly SAS 70 Reports.

Office of the Auditor General of Canada CANADA’S ADOPTION OF INTERNATIONAL STANDARDS ON AUDITING 20 FACTS PREPARERS of FINANCIAL STATEMENTS SHOULD KNOW.

McGraw-Hill/Irwin © 2003 The McGraw-Hill Companies, Inc., All Rights Reserved Chapter 21 CHAPTER 21 ASSURANCE, ATTESTATION, AND OTHER FORMS OF SERVICES.

Third Party Reporting © 2008 Ernst & Young LLP. All rights reserved. For Internal Use Within EY Only; Not for Distribution to Clients. Third Party Reporting.

1 Sarbanes-Oxley Section 404 June 29,  SOX 404 Background 3  SOX 404 Goals 4  SOX 404 Requirements 5  SOX 404 Assertions 6  SOX 404 Compliance.

Module A1 Other Public Accounting Services ACCT 4080.

9.401 Auditing Chapter 1 Introduction. Definition of Auditing The accumulation and evaluation The accumulation and evaluation Of evidence about information.

6-1 McGraw-Hill/Irwin ©2002 by The McGraw-Hill Companies, Inc. All rights reserved. Chapter 6 Internal Control Evaluation: Assessing Control Risk.

Internal Control Pertemuan 05 s.d 06 Matakuliah: F0712 / Lab Sistem Informasi Akuntansi Tahun: 2007.

Auditing A Risk-Based Approach To Conducting A Quality Audit

18- 1 © 2006 The McGraw-Hill Companies, Inc., All Rights Reserved. Chapter 18 Integrated Audits of Internal Control (For Public Companies Under Sarbanes-Oxley.

CHAPTER 2 FINANCIAL STATEMENT AUDITS AND AUDITORS’ RESPONSIBILITIES Fall 2007 u G enerally Accepted Auditing Standards u Assurance Provided by an Audit.

The CPA Profession Chapter 2.

Chapter 4 IDENTIFYING RISKS AND CONTROLS IN BUSINESS PROCESSES.

Nature of an Integrated Audit

Chicagoland IASA Spring Conference

 CPA firms provide audits as well as other attestation and assurance services.  Additional services provided by CPA firms : 1. Accounting and bookkeeping.

Chapter 7 Auditing Internal Control over Financial Reporting McGraw-Hill/IrwinCopyright © 2012 by The McGraw-Hill Companies, Inc. All rights reserved.

Impact of the New Clarity Standards on Governmental Audits Presented by Beila Sherman, CPA and Enrique Llerena, CPA.

Auditing Internal Control over Financial Reporting

Service Organization Control (SOC) Reporting Options and Information

5-1 McGraw-Hill/Irwin ©2005 by the McGraw-Hill Companies, Inc. All rights reserved. Chapter 5 Internal Control Evaluation: Assessing Control Risk “If everything.

The CPA Profession Chapter 2 By Arens et. al. Learning Objective 1 Describe the nature of CPA firms, what they do, and their structure.

PwC Internal Control Reports: Facts, Myths and Best Practices FIRMA National Risk Management Training Conference – San Francisco, CA Wednesday March 31,

Auditing Internal Control over Financial Reporting

INTERNAL CONTROL OVER FINANCIAL REPORTING

Implementation Issues of Sarbanes-Oxley CASE Presentation September 23, 2004 By Denise Farnan.

Chapter Three IT Risks and Controls.

Chapter 7 Auditing Internal Control over Financial Reporting McGraw-Hill/Irwin ©2008 The McGraw-Hill Companies, All Rights Reserved.

Assurance Report on Controls at Service Organizations SAE 3402

Chapter 8 Audit Planning and Analytical Procedures

5-1 McGraw-Hill/Irwin ©2007 by the McGraw-Hill Companies, Inc. All rights reserved. Chapter 5 Internal Control Evaluation: Assessing Control Risk.

Compliance Audit related to the Audit of Financial Statements Seminar on Financial Audit Standards October 2008 Deputy Director General Kelly Ånerud, Technical.

Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.

Practice Management Quality Control

Audit Planning Process

ISSAI 400 Compliance Auditing

Chapter 9: Introduction to Internal Control Systems

Solutions Within Reach

Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin 7-1 Chapter Seven Auditing Internal Control over Financial Reporting.

1 Kingsley Karunaratne, Department of Accounting, University of Sri Jayewardenepura, Colombo - Sri Lanka Practice Management.

BA 427 – Assurance and Attestation Services Lecture 21 Tests of Controls.

Description CAS200Overall Objectives of the Independent Auditor and the Conduct of an Audit in Accordance with Canadian Auditing Standards CAS210Agreeing.

Statement on Auditing Standards (SAS) No. 70, Service Organizations BADM 559 Final Project By: Kristina Morales.

Acumen insight ideas attention reach expertise depth agility talent SAS 70 – Readiness Kick-off Presented by Rod Walsh.

McGraw-Hill/Irwin © The McGraw-Hill Companies 2010 Auditing Internal Control over Financial Reporting Chapter Seven.

ISO Registration Common Areas of Nonconformances.

BA 427 – Assurance and Attestation Services Lecture 7 Reporting on Internal Controls.

1 - 1 Copyright  2003 Pearson Education Canada Inc. CHAPTER 1 An Overview of Auditing and Assurance Services.

©2008 Prentice Hall Business Publishing, Auditing 12/e, Arens/Beasley/Elder Section 404 Audits of Internal Control and Control Risk Chapter 10.

18-1 Copyright © 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.

SAS No. 70, Service Organizations A standard for reporting on a service organization’s controls affecting user entities' financial statements. Only for.

Service Organization Control Reports What Have We Learned? Chris Bruhn DIRECTOR, IT RISK SERVICES, BKD, LLP SAS 70 ENDS EXIT TO SSAE 16.

May 3, 2016 Presented by: Jamila Piracci, Vice President, OTC Derivatives Alessandra Riccardi, Director of Capital and Risk NFA Webinar: Margin Model Approval.

Improving Compliance with ISAs Presenters: Al Johnson & Pat Hayle.

AUDIT STAFF TRAINING WORKSHOP 13 TH – 14 TH NOVEMBER 2014, HILTON HOTEL NAIROBI AUDIT PLANNING 1.

Auditors’ Dilemma – reporting requirements on Internal Financial Controls under the Companies Act 2013 and Clause 49 of the Listing agreement V. Venkataramanan.

Government Internal Audit Career

Chapter 1 : Introduction to Auditing

Service Organization Control (SOC)

MODULE 2 INTRODUCTION TO GOVERNANCE AUDIT

 Phase I - Client Acceptance  Phase II - Planning  Phase III – Field work/Testing and Evidence  Phase IV – Reporting/Evaluation and Judgment PREPARED.

Canadian Auditing Standards (CAS)

SOFE CDS – Monday, July 16th, 2018

Presentation transcript:

SAS No. 70 BADM 559 Jong Choi

Overview of SAS 70 Definition ▫SAS 70 helps service auditors to assess operational and technical controls of a service organization and issue a service auditor’s report Purpose ▫Demonstrate effective control placed in operation Legislation compliance ▫Health Insurance Portability and Accountability Act ▫Gramm-Leach-Bliley Act ▫Sarbanes-Oxley Act

Background SAS 70 SAS 55 - Original guideline to assess internal control structure in a financial statement audit - However, inefficiencies in performing the procedures SAS 94 - More importance of information technology on meeting financial reporting objectives

Type I and Type II Type I Assurance on - Fairly represented description of controls by management - Suitably designed controls that achieve control objectives - Control place in operating as of a specified date Type II Assurance on - The same as Type I - Operating effectiveness of controls

Organization and Content of a Report Section I: Opinion of Service Auditor ▫Includes an opinion letter regarding the service organization’s internal controls Section II: Description of Controls ▫Includes management’s description in accordance to COSO framework Section III: Control Objectives ▫Provides reasonable assurance that controls are tested, approved and documented Section IV: Other information provided ▫Includes any additional information beyond the descriptions of controls

Benefits to a Service Organization Provide assurance on the establishment of internal control placed in operation Build up firm’s reputation Reduce unnecessary compliance cost with user auditors Be advised on existing control policies and procedures for improvement

Benefits to a User Organization Receive assurance and more understandings regarding service organization’s control system Reduce user auditors’ cost

Grant Thornton’s Approach Phase 1 – SAS 70 Readiness Review ▫Gains understanding and identifies the key business processing and information technology controls Phase 2 – Fair Representation and Suitability of Controls ▫Helps and evaluates representation of description of controls and effectiveness of the control design Phase 3 – Test and Observe ▫Conducts inquiry, inspection, observation, and re- performance to test specific control activities Phase 4 – Report and Attest ▫Issue either Type I or Type II report

Questions?