Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

CPA AUD Flashcards > AUD 3 Internal Control 15 - 4 Service Organizations > Flashcards

AUD 3 Internal Control 15 - 4 Service Organizations Flashcards

1
Q

Service Organizations

Many companies use various types of service bureaus to assist them with the processing of routine transactions.

Certain transactions, like payroll, may require a particular expertise and can often be processed more efficiently by an entity that specializes in that type of transaction. One of the most common types of service bureaus processes the payroll of various customer entities.

A

Service Organizations

Many companies use various types of service bureaus to assist them with the processing of routine transactions.

Certain transactions, like payroll, may require a particular expertise and can often be processed more efficiently by an entity that specializes in that type of transaction. One of the most common types of service bureaus processes the payroll of various customer entities.

When an entity uses one of these service bureaus, also referred to as service organizations, AU-C section 402, Audit Considerations Relating to an Entity Using a Service Organization, provides guidance as to the impact on an audit.

It defines a service organization as “an organization or segment of an organization that provides services to user entities that are relevant to those user entities’ internal control over financial reporting.”

The objective of the “user auditor” (the auditor of the client using the services of the service organization), are to obtain an understanding of the nature and significance of the services provided, and evaluate their effect on the user entity’s internal control in order to assess the risks of material misstatement, and to design and perform audit procedures responsive to those risks.

Since the auditor is not in a position to examine the activities of such an outside organization, they will often need to rely on reports of the auditor of the service organization itself, referred to as the service auditor.

The service auditor will usually issue a report on the internal control structure that the user auditor may consider in assessing the internal control structure of the client.

The report on internal control structure by the service organization’s auditor will describe the services of the organization that are covered by the report and a description of the auditor’s procedures.

This will enable the auditor of one of the service organization’s customers to understand the overall impact of the service organization’s work on the internal control structure of the customer.

Before relying on such a report, the auditor should be satisfied as to the competence and independence of the service auditor, and the adequacy of the standards under which the report was issued.

The report of the service organization’s auditor will assist the customer’s auditor in gaining an understanding of the internal control structure of the customer, to the extent it depends on the service organization’s work.

This will not, however, be considered a basis for determining the effectiveness of the customer’s internal control structure, so the use of the report is not a division of responsibility.

As a result, there must be no reference to the auditor of the service organization in the audit report on the financial statements of the customer.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Service Organizations

When an entity uses one of these service bureaus, also referred to as service organizations, AU-C section 402, Audit Considerations Relating to an Entity Using a Service Organization, provides guidance as to the impact on an audit.

It defines a service organization as “an organization or segment of an organization that provides services to user entities that are relevant to those user entities’ internal control over financial reporting.”

A

Service Organizations

Many companies use various types of service bureaus to assist them with the processing of routine transactions.

Certain transactions, like payroll, may require a particular expertise and can often be processed more efficiently by an entity that specializes in that type of transaction. One of the most common types of service bureaus processes the payroll of various customer entities.

When an entity uses one of these service bureaus, also referred to as service organizations, AU-C section 402, Audit Considerations Relating to an Entity Using a Service Organization, provides guidance as to the impact on an audit.

It defines a service organization as “an organization or segment of an organization that provides services to user entities that are relevant to those user entities’ internal control over financial reporting.”

The objective of the “user auditor” (the auditor of the client using the services of the service organization), are to obtain an understanding of the nature and significance of the services provided, and evaluate their effect on the user entity’s internal control in order to assess the risks of material misstatement, and to design and perform audit procedures responsive to those risks.

Since the auditor is not in a position to examine the activities of such an outside organization, they will often need to rely on reports of the auditor of the service organization itself, referred to as the service auditor.

The service auditor will usually issue a report on the internal control structure that the user auditor may consider in assessing the internal control structure of the client.

The report on internal control structure by the service organization’s auditor will describe the services of the organization that are covered by the report and a description of the auditor’s procedures.

This will enable the auditor of one of the service organization’s customers to understand the overall impact of the service organization’s work on the internal control structure of the customer.

Before relying on such a report, the auditor should be satisfied as to the competence and independence of the service auditor, and the adequacy of the standards under which the report was issued.

The report of the service organization’s auditor will assist the customer’s auditor in gaining an understanding of the internal control structure of the customer, to the extent it depends on the service organization’s work.

This will not, however, be considered a basis for determining the effectiveness of the customer’s internal control structure, so the use of the report is not a division of responsibility.

As a result, there must be no reference to the auditor of the service organization in the audit report on the financial statements of the customer.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Service Organizations

The objective of the “user auditor” (the auditor of the client using the services of the service organization), are to obtain an understanding of the nature and significance of the services provided, and evaluate their effect on the user entity’s internal control in order to assess the risks of material misstatement, and to design and perform audit procedures responsive to those risks.

A

Service Organizations

Many companies use various types of service bureaus to assist them with the processing of routine transactions.

Certain transactions, like payroll, may require a particular expertise and can often be processed more efficiently by an entity that specializes in that type of transaction. One of the most common types of service bureaus processes the payroll of various customer entities.

When an entity uses one of these service bureaus, also referred to as service organizations, AU-C section 402, Audit Considerations Relating to an Entity Using a Service Organization, provides guidance as to the impact on an audit.

It defines a service organization as “an organization or segment of an organization that provides services to user entities that are relevant to those user entities’ internal control over financial reporting.”

The objective of the “user auditor” (the auditor of the client using the services of the service organization), are to obtain an understanding of the nature and significance of the services provided, and evaluate their effect on the user entity’s internal control in order to assess the risks of material misstatement, and to design and perform audit procedures responsive to those risks.

Since the auditor is not in a position to examine the activities of such an outside organization, they will often need to rely on reports of the auditor of the service organization itself, referred to as the service auditor.

The service auditor will usually issue a report on the internal control structure that the user auditor may consider in assessing the internal control structure of the client.

The report on internal control structure by the service organization’s auditor will describe the services of the organization that are covered by the report and a description of the auditor’s procedures.

This will enable the auditor of one of the service organization’s customers to understand the overall impact of the service organization’s work on the internal control structure of the customer.

Before relying on such a report, the auditor should be satisfied as to the competence and independence of the service auditor, and the adequacy of the standards under which the report was issued.

The report of the service organization’s auditor will assist the customer’s auditor in gaining an understanding of the internal control structure of the customer, to the extent it depends on the service organization’s work.

This will not, however, be considered a basis for determining the effectiveness of the customer’s internal control structure, so the use of the report is not a division of responsibility.

As a result, there must be no reference to the auditor of the service organization in the audit report on the financial statements of the customer.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Service Organizations

Since the auditor is not in a position to examine the activities of such an outside organization, they will often need to rely on reports of the auditor of the service organization itself, referred to as the service auditor.

The service auditor will usually issue a report on the internal control structure that the user auditor may consider in assessing the internal control structure of the client.

A

Service Organizations

Many companies use various types of service bureaus to assist them with the processing of routine transactions.

Certain transactions, like payroll, may require a particular expertise and can often be processed more efficiently by an entity that specializes in that type of transaction. One of the most common types of service bureaus processes the payroll of various customer entities.

When an entity uses one of these service bureaus, also referred to as service organizations, AU-C section 402, Audit Considerations Relating to an Entity Using a Service Organization, provides guidance as to the impact on an audit.

It defines a service organization as “an organization or segment of an organization that provides services to user entities that are relevant to those user entities’ internal control over financial reporting.”

The objective of the “user auditor” (the auditor of the client using the services of the service organization), are to obtain an understanding of the nature and significance of the services provided, and evaluate their effect on the user entity’s internal control in order to assess the risks of material misstatement, and to design and perform audit procedures responsive to those risks.

Since the auditor is not in a position to examine the activities of such an outside organization, they will often need to rely on reports of the auditor of the service organization itself, referred to as the service auditor.

The service auditor will usually issue a report on the internal control structure that the user auditor may consider in assessing the internal control structure of the client.

The report on internal control structure by the service organization’s auditor will describe the services of the organization that are covered by the report and a description of the auditor’s procedures.

This will enable the auditor of one of the service organization’s customers to understand the overall impact of the service organization’s work on the internal control structure of the customer.

Before relying on such a report, the auditor should be satisfied as to the competence and independence of the service auditor, and the adequacy of the standards under which the report was issued.

The report of the service organization’s auditor will assist the customer’s auditor in gaining an understanding of the internal control structure of the customer, to the extent it depends on the service organization’s work.

This will not, however, be considered a basis for determining the effectiveness of the customer’s internal control structure, so the use of the report is not a division of responsibility.

As a result, there must be no reference to the auditor of the service organization in the audit report on the financial statements of the customer.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Service Organizations

The report of the service organization’s auditor will assist the customer’s auditor in gaining an understanding of the internal control structure of the customer, to the extent it depends on the service organization’s work.

This will not, however, be considered a basis for determining the effectiveness of the customer’s internal control structure, so the use of the report is not a division of responsibility.

As a result, there must be no reference to the auditor of the service organization in the audit report on the financial statements of the customer.

A

Service Organizations

Many companies use various types of service bureaus to assist them with the processing of routine transactions.

Certain transactions, like payroll, may require a particular expertise and can often be processed more efficiently by an entity that specializes in that type of transaction. One of the most common types of service bureaus processes the payroll of various customer entities.

When an entity uses one of these service bureaus, also referred to as service organizations, AU-C section 402, Audit Considerations Relating to an Entity Using a Service Organization, provides guidance as to the impact on an audit.

It defines a service organization as “an organization or segment of an organization that provides services to user entities that are relevant to those user entities’ internal control over financial reporting.”

The objective of the “user auditor” (the auditor of the client using the services of the service organization), are to obtain an understanding of the nature and significance of the services provided, and evaluate their effect on the user entity’s internal control in order to assess the risks of material misstatement, and to design and perform audit procedures responsive to those risks.

Since the auditor is not in a position to examine the activities of such an outside organization, they will often need to rely on reports of the auditor of the service organization itself, referred to as the service auditor.

The service auditor will usually issue a report on the internal control structure that the user auditor may consider in assessing the internal control structure of the client.

The report on internal control structure by the service organization’s auditor will describe the services of the organization that are covered by the report and a description of the auditor’s procedures.

This will enable the auditor of one of the service organization’s customers to understand the overall impact of the service organization’s work on the internal control structure of the customer.

Before relying on such a report, the auditor should be satisfied as to the competence and independence of the service auditor, and the adequacy of the standards under which the report was issued.

The report of the service organization’s auditor will assist the customer’s auditor in gaining an understanding of the internal control structure of the customer, to the extent it depends on the service organization’s work.

This will not, however, be considered a basis for determining the effectiveness of the customer’s internal control structure, so the use of the report is not a division of responsibility.

As a result, there must be no reference to the auditor of the service organization in the audit report on the financial statements of the customer.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Service Organizations

Transactions processed by service organization
(payroll processing) (AU-C 402/AT-C 320)

  1. Test of Control in place at client.
  2. Test of Control in place at service organization by another auditor.
  3. Get report from the other Auditor (service auditor).
  4. A service auditor should inquire of management about subsequent events.
A

Service Organizations

Transactions processed by service organization
(payroll processing) (AU-C 402/AT-C 320)

  1. Test of Control in place at client.
  2. Test of Control in place at service organization by another auditor.
  3. Get report from the other Auditor (service auditor).
  4. A service auditor should inquire of management about subsequent events.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Service Organizations

Transactions processed by service organization
(payroll processing) (AU-C 402/AT-C 320)

  1. Test of Control in place at client.
  2. Test of Control in place at service organization by another auditor.
    2. 1 Report on whether controls have been implemented and controls operating effectiveness.
  3. Get report from the other Auditor (service auditor).
    3. 1 Expresses an opinion on management’s assertions:
    3. 2 The report also includes a description of the tests of controls and the results of those tests that were performed by the service auditor.
    3. 3 Description of the Scope and nature of procedures performed.
    3. 4 ID party specifying objectives.
    3. 5 ID purpose of engagement.
    3. 6 ID parties Intended use.
  4. A service auditor should inquire of management about subsequent events.
A

Service Organizations

Transactions processed by service organization
(payroll processing) (AU-C 402/AT-C 320)

  1. Test of Control in place at client.
  2. Test of Control in place at service organization by another auditor.
    2. 1 Report on whether controls have been implemented and controls operating effectiveness.
  3. Get report from the other Auditor (service auditor).
    3. 1 Expresses an opinion on management’s assertions:
    3. 2 The report also includes a description of the tests of controls and the results of those tests that were performed by the service auditor.
    3. 3 Description of the Scope and nature of procedures performed.
    3. 4 ID party specifying objectives.
    3. 5 ID purpose of engagement.
    3. 6 ID parties Intended use.
  4. A service auditor should inquire of management about subsequent events.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Service Organizations

Transactions processed by service organization
(payroll processing) (AU-C 402/AT-C 320)

  1. Test of Control in place at client.
  2. Test of Control in place at service organization by another auditor.
    2. 1 Report on whether controls have been implemented and controls operating effectiveness.
  3. Get report from the other Auditor (service auditor).
    3. 1 Expresses an opinion on management’s assertions regarding:
    3. 11 Management’s description of the service organization’s system fairly presents the system that was designed and implemented during the period.
    3. 12 The controls related to the control objectives stated in management’s description were suitably designed and operated effectively during the period.
    3. 2  The report also includes a description of the tests of controls and the results of those tests that were performed by the service auditor.
3. 3  Description of the Scope and nature of procedures performed.

3. 4  ID party specifying objectives.
3. 5  ID purpose of engagement.
3. 6 ID parties Intended use.
  4. A service auditor should inquire of management about subsequent events.
A

Service Organizations

Transactions processed by service organization
(payroll processing) (AU-C 402/AT-C 320)

  1. Test of Control in place at client.
  2. Test of Control in place at service organization by another auditor.
    2. 1 Report on whether controls have been implemented and controls operating effectiveness.
  3. Get report from the other Auditor (service auditor).
    3. 1 Expresses an opinion on management’s assertions regarding:
    3. 11 Management’s description of the service organization’s system fairly presents the system that was designed and implemented during the period.
    3. 12 The controls related to the control objectives stated in management’s description were suitably designed and operated effectively during the period.
    3. 2  The report also includes a description of the tests of controls and the results of those tests that were performed by the service auditor.
3. 3  Description of the Scope and nature of procedures performed.

3. 4  ID party specifying objectives.
3. 5  ID purpose of engagement.
3. 6 ID parties Intended use.
  4. A service auditor should inquire of management about subsequent events.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

  • The nature of the services provided;
  • The significance of the services to the user entity;
  • The effect on the user entity’s internal control;
  • The nature and materiality of transactions that are processed by the service organization;
  • Interaction between the activities of the user entity and of the service organization;
  • The nature of the relationship between the entities; and
  • Contractual terms for activities performed by the service organization.
A

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

  • The nature of the services provided;
  • The significance of the services to the user entity;
  • The effect on the user entity’s internal control;
  • The nature and materiality of transactions that are processed by the service organization;
  • Interaction between the activities of the user entity and of the service organization;
  • The nature of the relationship between the entities; and
  • Contractual terms for activities performed by the service organization.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Service Organizations

As part of ob____ing an un________ing of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

A

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Service Organizations

As part of obtaining an understanding of the inte____ con____s of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

A

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Service Organizations

As part of obtaining an understanding of the internal controls of a cl____ using a ser____ organization, the auditor should obtain an understanding as to how the client uses the service organization.

A

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the aud____ should obtain an un________ing as to how the client uses the service organization.

A

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to h__ the cl____ uses the service organization.

A

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client u__s the ser____organization.

A

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

• The na____ of the ser____s provided;

A

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

• The nature of the services provided;

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

  • The nature of the services provided;
  • The sign________ of the ser____s to the user entity;
A

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

  • The nature of the services provided;
  • The significance of the services to the user entity;
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

  • The nature of the services provided;
  • The significance of the services to the us__ e___ty;
A

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

  • The nature of the services provided;
  • The significance of the services to the user entity;
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

  • The nature of the services provided;
  • The significance of the services to the user entity;
  • The ef____ on the u___ entity’s internal control;
A

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

  • The nature of the services provided;
  • The significance of the services to the user entity;
  • The effect on the user entity’s internal control;
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

  • The nature of the services provided;
  • The significance of the services to the user entity;
  • The effect on the user entity’s int_____ con____;
A

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

  • The nature of the services provided;
  • The significance of the services to the user entity;
  • The effect on the user entity’s internal control;
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

  • The nature of the services provided;
  • The significance of the services to the user entity;
  • The effect on the user entity’s internal control;
  • The na____ and mat________ of transactions that are processed by the service organization;
A

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

  • The nature of the services provided;
  • The significance of the services to the user entity;
  • The effect on the user entity’s internal control;
  • The nature and materiality of transactions that are processed by the service organization;
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

  • The nature of the services provided;
  • The significance of the services to the user entity;
  • The effect on the user entity’s internal control;
  • The nature and materiality of tra_________s that are pro____ed by the service organization;
A

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

  • The nature of the services provided;
  • The significance of the services to the user entity;
  • The effect on the user entity’s internal control;
  • The nature and materiality of transactions that are processed by the service organization;
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

  • The nature of the services provided;
  • The significance of the services to the user entity;
  • The effect on the user entity’s internal control;
  • The nature and materiality of transactions that are processed b_ the ser____ organization;
A

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

  • The nature of the services provided;
  • The significance of the services to the user entity;
  • The effect on the user entity’s internal control;
  • The nature and materiality of transactions that are processed by the service organization;
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

• Inte______ bet____the activities of the user entity and of the service organization;

A

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

• Interaction between the activities of the user entity and of the service organization;

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

• Interaction between the a_____ies of the u___ entity and of the service organization;

A

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

• Interaction between the activities of the user entity and of the service organization;

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

• Interaction between the a____ies of the user entity and of the ser____ organization;

A

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

• Interaction between the activities of the user entity and of the service organization;

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

• Inter_____ between the activities of the u___ entity and of the ser____ organization;

A

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

• Interaction between the activities of the user entity and of the service organization;

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

  • Interaction between the activities of the user entity and of the service organization;
  • The na____ of the rela_______ between the entities;
A

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

  • Interaction between the activities of the user entity and of the service organization;
  • The nature of the relationship between the entities;
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

  • Interaction between the activities of the user entity and of the service organization;
  • The nature of the relationship bet____ the e_____ies;
A

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

  • Interaction between the activities of the user entity and of the service organization;
  • The nature of the relationship between the entities;
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

  • Interaction between the activities of the user entity and of the service organization;
  • The nature of the relationship between the entities; and
  • Cont_______ t___s for activities performed by the service organization.
A

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

  • Interaction between the activities of the user entity and of the service organization;
  • The nature of the relationship between the entities; and
  • Contractual terms for activities performed by the service organization.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

  • Interaction between the activities of the user entity and of the service organization;
  • The nature of the relationship between the entities; and
  • Contractual terms for activities per____ed b_ the service organization.
A

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

  • Interaction between the activities of the user entity and of the service organization;
  • The nature of the relationship between the entities; and
  • Contractual terms for activities performed by the service organization.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

  • Interaction between the activities of the user entity and of the service organization;
  • The nature of the relationship between the entities; and
  • Contractual terms for activities per____ed by the ser____ organization.
A

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

  • Interaction between the activities of the user entity and of the service organization;
  • The nature of the relationship between the entities; and
  • Contractual terms for activities performed by the service organization.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
33
Q

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The un__________ing will include:

  • Interaction between the activities of the user entity and of the service organization;
  • The nature of the relationship between the entities; and
  • Contractual terms for activities performed by the service organization.
A

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

  • Interaction between the activities of the user entity and of the service organization;
  • The nature of the relationship between the entities; and
  • Contractual terms for activities performed by the service organization.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
34
Q

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

  • The na____ of the services provided;
  • The sign________ of the services to the user entity;
  • The effect on the user entity’s internal control;
  • The nature and materiality of transactions that are processed by the service organization;
  • Interaction between the activities of the user entity and of the service organization;
  • The nature of the relationship between the entities; and
  • Contractual terms for activities performed by the service organization.
A

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

  • The nature of the services provided;
  • The significance of the services to the user entity;
  • The effect on the user entity’s internal control;
  • The nature and materiality of transactions that are processed by the service organization;
  • Interaction between the activities of the user entity and of the service organization;
  • The nature of the relationship between the entities; and
  • Contractual terms for activities performed by the service organization.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
35
Q

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

  • The nature of the services provided;
  • The significance of the services to the user entity;
  • The ef____ on the user entity’s internal con____;
  • The nature and materiality of transactions that are processed by the service organization;
  • Interaction between the activities of the user entity and of the service organization;
  • The nature of the relationship between the entities; and
  • Contractual terms for activities performed by the service organization.
A

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

  • The nature of the services provided;
  • The significance of the services to the user entity;
  • The effect on the user entity’s internal control;
  • The nature and materiality of transactions that are processed by the service organization;
  • Interaction between the activities of the user entity and of the service organization;
  • The nature of the relationship between the entities; and
  • Contractual terms for activities performed by the service organization.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
36
Q

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

  • The nature of the services provided;
  • The significance of the services to the user entity;
  • The effect on the user entity’s internal control;
  • The na____ and materiality of tra_________s that are processed by the service organization;
  • Interaction between the activities of the user entity and of the service organization;
  • The nature of the relationship between the entities; and
  • Contractual terms for activities performed by the service organization.
A

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

  • The nature of the services provided;
  • The significance of the services to the user entity;
  • The effect on the user entity’s internal control;
  • The nature and materiality of transactions that are processed by the service organization;
  • Interaction between the activities of the user entity and of the service organization;
  • The nature of the relationship between the entities; and
  • Contractual terms for activities performed by the service organization.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
37
Q

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

  • The nature of the services provided;
  • The significance of the services to the user entity;
  • The effect on the user entity’s internal control;
  • The nature and ma______y of tran______s that are processed by the service organization;
  • Interaction between the activities of the user entity and of the service organization;
  • The nature of the relationship between the entities; and
  • Contractual terms for activities performed by the service organization.
A

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

  • The nature of the services provided;
  • The significance of the services to the user entity;
  • The effect on the user entity’s internal control;
  • The nature and materiality of transactions that are processed by the service organization;
  • Interaction between the activities of the user entity and of the service organization;
  • The nature of the relationship between the entities; and
  • Contractual terms for activities performed by the service organization.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
38
Q

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

  • The nature of the services provided;
  • The significance of the services to the user entity;
  • The effect on the user entity’s internal control;
  • The nature and materiality of transactions that are processed by the service organization;
  • Inter_____ between the activities of the us__ entity and of the serv____ organization;
  • The nature of the relationship between the entities; and
  • Contractual terms for activities performed by the service organization.
A

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

  • The nature of the services provided;
  • The significance of the services to the user entity;
  • The effect on the user entity’s internal control;
  • The nature and materiality of transactions that are processed by the service organization;
  • Interaction between the activities of the user entity and of the service organization;
  • The nature of the relationship between the entities; and
  • Contractual terms for activities performed by the service organization.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
39
Q

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

  • The nature of the services provided;
  • The significance of the services to the user entity;
  • The effect on the user entity’s internal control;
  • The nature and materiality of transactions that are processed by the service organization;
  • Interaction between the activities of the user entity and of the service organization;
  • The na____ of the rela_______ between the en____es; and
  • Contractual terms for activities performed by the service organization.
A

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

  • The nature of the services provided;
  • The significance of the services to the user entity;
  • The effect on the user entity’s internal control;
  • The nature and materiality of transactions that are processed by the service organization;
  • Interaction between the activities of the user entity and of the service organization;
  • The nature of the relationship between the entities; and
  • Contractual terms for activities performed by the service organization.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
40
Q

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

  • The nature of the services provided;
  • The significance of the services to the user entity;
  • The effect on the user entity’s internal control;
  • The nature and materiality of transactions that are processed by the service organization;
  • Interaction between the activities of the user entity and of the service organization;
  • The nature of the relationship between the entities; and
  • Contractual t___s for activities performed by the ser____ organization.
A

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

  • The nature of the services provided;
  • The significance of the services to the user entity;
  • The effect on the user entity’s internal control;
  • The nature and materiality of transactions that are processed by the service organization;
  • Interaction between the activities of the user entity and of the service organization;
  • The nature of the relationship between the entities; and
  • Contractual terms for activities performed by the service organization.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
41
Q

Service Organizations

As part of o______ing an understanding of the internal con____s of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

  • The nature of the services provided;
  • The significance of the services to the user entity;
  • The effect on the user entity’s internal control;
  • The nature and materiality of transactions that are processed by the service organization;
  • Interaction between the activities of the user entity and of the service organization;
  • The nature of the relationship between the entities; and
  • Contractual terms for activities performed by the service organization.
A

Service Organizations

As part of obtaining an understanding of the internal controls of a client using a service organization, the auditor should obtain an understanding as to how the client uses the service organization.

The understanding will include:

  • The nature of the services provided;
  • The significance of the services to the user entity;
  • The effect on the user entity’s internal control;
  • The nature and materiality of transactions that are processed by the service organization;
  • Interaction between the activities of the user entity and of the service organization;
  • The nature of the relationship between the entities; and
  • Contractual terms for activities performed by the service organization.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
42
Q

Service Organizations

The auditor will also ev________ the int______ con____s established by the user entity to administer the relationship with the service organization.

The entity may, for example, have controls to verify the accuracy of the output of the service organization.

The auditor will use the understanding of the nature and significance of the services provided by the service organization, along with the entity’s related controls, to identify and assess risks of material misstatement that may result.

A

Service Organizations

The auditor will also evaluate the internal controls established by the user entity to administer the relationship with the service organization.

The entity may, for example, have controls to verify the accuracy of the output of the service organization.

The auditor will use the understanding of the nature and significance of the services provided by the service organization, along with the entity’s related controls, to identify and assess risks of material misstatement that may result.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
43
Q

Service Organizations

The auditor will also evaluate the internal controls est______ed by the us__ e___ty to administer the relationship with the service organization.

The entity may, for example, have controls to verify the accuracy of the output of the service organization.

The auditor will use the understanding of the nature and significance of the services provided by the service organization, along with the entity’s related controls, to identify and assess risks of material misstatement that may result.

A

Service Organizations

The auditor will also evaluate the internal controls established by the user entity to administer the relationship with the service organization.

The entity may, for example, have controls to verify the accuracy of the output of the service organization.

The auditor will use the understanding of the nature and significance of the services provided by the service organization, along with the entity’s related controls, to identify and assess risks of material misstatement that may result.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
44
Q

Service Organizations

The auditor will also evaluate the internal controls established by the user entity to admi_____ the rela________ with the ser____ organization.

The entity may, for example, have controls to verify the accuracy of the output of the service organization.

The auditor will use the understanding of the nature and significance of the services provided by the service organization, along with the entity’s related controls, to identify and assess risks of material misstatement that may result.

A

Service Organizations

The auditor will also evaluate the internal controls established by the user entity to administer the relationship with the service organization.

The entity may, for example, have controls to verify the accuracy of the output of the service organization.

The auditor will use the understanding of the nature and significance of the services provided by the service organization, along with the entity’s related controls, to identify and assess risks of material misstatement that may result.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
45
Q

Service Organizations

The auditor will also evaluate the internal controls established by the user entity to administer the relationship with the service organization.

The e_____y may, for example, ha__ con___s to verify the accuracy of the output of the service organization.

The auditor will use the understanding of the nature and significance of the services provided by the service organization, along with the entity’s related controls, to identify and assess risks of material misstatement that may result.

A

Service Organizations

The auditor will also evaluate the internal controls established by the user entity to administer the relationship with the service organization.

The entity may, for example, have controls to verify the accuracy of the output of the service organization.

The auditor will use the understanding of the nature and significance of the services provided by the service organization, along with the entity’s related controls, to identify and assess risks of material misstatement that may result.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
46
Q

Service Organizations

The auditor will also evaluate the internal controls established by the user entity to administer the relationship with the service organization.

The entity may, for example, have controls to v____y the ac_____y of the output of the service organization.

The auditor will use the understanding of the nature and significance of the services provided by the service organization, along with the entity’s related controls, to identify and assess risks of material misstatement that may result.

A

Service Organizations

The auditor will also evaluate the internal controls established by the user entity to administer the relationship with the service organization.

The entity may, for example, have controls to verify the accuracy of the output of the service organization.

The auditor will use the understanding of the nature and significance of the services provided by the service organization, along with the entity’s related controls, to identify and assess risks of material misstatement that may result.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
47
Q

Service Organizations

The auditor will also evaluate the internal controls established by the user entity to administer the relationship with the service organization.

The entity may, for example, have controls to verify the accuracy of the out___ of the se_____ organization.

The auditor will use the understanding of the nature and significance of the services provided by the service organization, along with the entity’s related controls, to identify and assess risks of material misstatement that may result.

A

Service Organizations

The auditor will also evaluate the internal controls established by the user entity to administer the relationship with the service organization.

The entity may, for example, have controls to verify the accuracy of the output of the service organization.

The auditor will use the understanding of the nature and significance of the services provided by the service organization, along with the entity’s related controls, to identify and assess risks of material misstatement that may result.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
48
Q

Service Organizations

The auditor will also evaluate the internal controls established by the user entity to administer the relationship with the service organization.

The entity may, for example, have controls to verify the accuracy of the output of the service organization.

The au_____ will u__ the un_______ing of the nature and significance of the services provided by the service organization, along with the entity’s related controls, to identify and assess risks of material misstatement that may result.

A

Service Organizations

The auditor will also evaluate the internal controls established by the user entity to administer the relationship with the service organization.

The entity may, for example, have controls to verify the accuracy of the output of the service organization.

The auditor will use the understanding of the nature and significance of the services provided by the service organization, along with the entity’s related controls, to identify and assess risks of material misstatement that may result.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
49
Q

Service Organizations

The auditor will also evaluate the internal controls established by the user entity to administer the relationship with the service organization.

The entity may, for example, have controls to verify the accuracy of the output of the service organization.

The auditor will use the understanding of the na____ and sig________ of the services provided by the service organization, along with the entity’s related controls, to identify and assess risks of material misstatement that may result.

A

Service Organizations

The auditor will also evaluate the internal controls established by the user entity to administer the relationship with the service organization.

The entity may, for example, have controls to verify the accuracy of the output of the service organization.

The auditor will use the understanding of the nature and significance of the services provided by the service organization, along with the entity’s related controls, to identify and assess risks of material misstatement that may result.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
50
Q

Service Organizations

The auditor will also evaluate the internal controls established by the user entity to administer the relationship with the service organization.

The entity may, for example, have controls to verify the accuracy of the output of the service organization.

The auditor will use the understanding of the nature and significance of the ser____s pr____ed b_ the service organization, along with the entity’s related controls, to identify and assess risks of material misstatement that may result.

A

Service Organizations

The auditor will also evaluate the internal controls established by the user entity to administer the relationship with the service organization.

The entity may, for example, have controls to verify the accuracy of the output of the service organization.

The auditor will use the understanding of the nature and significance of the services provided by the service organization, along with the entity’s related controls, to identify and assess risks of material misstatement that may result.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
51
Q

Service Organizations

The auditor will also evaluate the internal controls established by the user entity to administer the relationship with the service organization.

The entity may, for example, have controls to verify the accuracy of the output of the service organization.

The auditor will use the understanding of the nature and significance of the services provided by the service organization, along with the e_____y’s related con____s, to identify and assess risks of material misstatement that may result.

A

Service Organizations

The auditor will also evaluate the internal controls established by the user entity to administer the relationship with the service organization.

The entity may, for example, have controls to verify the accuracy of the output of the service organization.

The auditor will use the understanding of the nature and significance of the services provided by the service organization, along with the entity’s related controls, to identify and assess risks of material misstatement that may result.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
52
Q

Service Organizations

The auditor will also evaluate the internal controls established by the user entity to administer the relationship with the service organization.

The entity may, for example, have controls to verify the accuracy of the output of the service organization.

The auditor will use the understanding of the nature and significance of the services provided by the service organization, along with the entity’s related controls, to id_____y and a____ss risks of material misstatement that may result.

A

Service Organizations

The auditor will also evaluate the internal controls established by the user entity to administer the relationship with the service organization.

The entity may, for example, have controls to verify the accuracy of the output of the service organization.

The auditor will use the understanding of the nature and significance of the services provided by the service organization, along with the entity’s related controls, to identify and assess risks of material misstatement that may result.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
53
Q

Service Organizations

The auditor will also evaluate the internal controls established by the user entity to administer the relationship with the service organization.

The entity may, for example, have controls to verify the accuracy of the output of the service organization.

The auditor will use the understanding of the nature and significance of the services provided by the service organization, along with the entity’s related controls, to identify and assess r___s of ma_____ misstatement that may result.

A

Service Organizations

The auditor will also evaluate the internal controls established by the user entity to administer the relationship with the service organization.

The entity may, for example, have controls to verify the accuracy of the output of the service organization.

The auditor will use the understanding of the nature and significance of the services provided by the service organization, along with the entity’s related controls, to identify and assess risks of material misstatement that may result.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
54
Q

Service Organizations

The au_____ will also evaluate the internal controls established by the user entity to administer the relationship with the service organization.

The entity may, for example, have controls to verify the accuracy of the output of the service organization.

The auditor will use the understanding of the nature and significance of the services provided by the service organization, along with the entity’s related controls, to identify and assess risks of material misstatement that may result.

A

Service Organizations

The auditor will also evaluate the internal controls established by the user entity to administer the relationship with the service organization.

The entity may, for example, have controls to verify the accuracy of the output of the service organization.

The auditor will use the understanding of the nature and significance of the services provided by the service organization, along with the entity’s related controls, to identify and assess risks of material misstatement that may result.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
55
Q

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the nature and significance of the relationship with a service organization using the resources available through the user entity.

In such cases, the auditor will obtain a sufficient understanding by performing one or more of the following:

  • Obtaining and reading a type 1 or type 2 report, if available;
  • Obtain information from contact with the service organization, through the user entity;
  • Apply procedures directly to the operations of the service organization; or
  • Use the work of another auditor applying procedures designed to obtain the necessary information.
A

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the nature and significance of the relationship with a service organization using the resources available through the user entity.

In such cases, the auditor will obtain a sufficient understanding by performing one or more of the following:

  • Obtaining and reading a type 1 or type 2 report, if available;
  • Obtain information from contact with the service organization, through the user entity;
  • Apply procedures directly to the operations of the service organization; or
  • Use the work of another auditor applying procedures designed to obtain the necessary information.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
56
Q

Service Organizations

In some cases, the au_____ will be un____ to ob____ a sufficient understanding of the nature and significance of the relationship with a service organization using the resources available through the user entity.

A

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the nature and significance of the relationship with a service organization using the resources available through the user entity.

57
Q

Service Organizations

In some cases, the auditor will be unable to obtain a suffi_____ under_____ing of the nature and significance of the relationship with a service organization using the resources available through the user entity.

A

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the nature and significance of the relationship with a service organization using the resources available through the user entity.

58
Q

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the na____ and sign_________ of the relat_______ with a service organization using the resources available through the user entity.

A

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the nature and significance of the relationship with a service organization using the resources available through the user entity.

59
Q

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the nature and significance of the relat_______ with a ser____ organization using the res______s available through the user entity.

A

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the nature and significance of the relationship with a service organization using the resources available through the user entity.

60
Q

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the nature and significance of the relationship with a service organization using the resources available through the user entity.

In such cases, the au_____ will obtain a sufficient understanding by pe_____ing one or more of the following:

• Obtaining and reading a type 1 or type 2 report, if available;

A

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the nature and significance of the relationship with a service organization using the resources available through the user entity.

In such cases, the auditor will obtain a sufficient understanding by performing one or more of the following:

• Obtaining and reading a type 1 or type 2 report, if available;

61
Q

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the nature and significance of the relationship with a service organization using the resources available through the user entity.

In such cases, the auditor will obtain a sufficient understanding by performing one or more of the following:

• Ob____ing and r___ing a type 1 or type 2 report, if available;

A

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the nature and significance of the relationship with a service organization using the resources available through the user entity.

In such cases, the auditor will obtain a sufficient understanding by performing one or more of the following:

• Obtaining and reading a type 1 or type 2 report, if available;

62
Q

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the nature and significance of the relationship with a service organization using the resources available through the user entity.

In such cases, the auditor will obtain a sufficient understanding by performing one or more of the following:

• Obtaining and reading a type 1 or type 2 re____, if available;

A

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the nature and significance of the relationship with a service organization using the resources available through the user entity.

In such cases, the auditor will obtain a sufficient understanding by performing one or more of the following:

• Obtaining and reading a type 1 or type 2 report, if available;

63
Q

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the nature and significance of the relationship with a service organization using the resources available through the user entity.

In such cases, the auditor will obtain a sufficient understanding by performing one or more of the following:

  • Obtaining and reading a type 1 or type 2 report, if available;
  • Obtain info________ from contact with the ser____ organization, through the user entity;
A

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the nature and significance of the relationship with a service organization using the resources available through the user entity.

In such cases, the auditor will obtain a sufficient understanding by performing one or more of the following:

  • Obtaining and reading a type 1 or type 2 report, if available;
  • Obtain information from contact with the service organization, through the user entity;
64
Q

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the nature and significance of the relationship with a service organization using the resources available through the user entity.

In such cases, the auditor will obtain a sufficient understanding by performing one or more of the following:

  • Obtain information from contact with the service organization, through the user entity;
  • Ap__y proc______s directly to the operations of the service organization;
A

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the nature and significance of the relationship with a service organization using the resources available through the user entity.

In such cases, the auditor will obtain a sufficient understanding by performing one or more of the following:

  • Obtain information from contact with the service organization, through the user entity;
  • Apply procedures directly to the operations of the service organization;
65
Q

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the nature and significance of the relationship with a service organization using the resources available through the user entity.

In such cases, the auditor will obtain a sufficient understanding by performing one or more of the following:

• Apply procedures di_____ly to the ope______s of the service organization;

A

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the nature and significance of the relationship with a service organization using the resources available through the user entity.

In such cases, the auditor will obtain a sufficient understanding by performing one or more of the following:

• Apply procedures directly to the operations of the service organization;

66
Q

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the nature and significance of the relationship with a service organization using the resources available through the user entity.

In such cases, the auditor will obtain a sufficient understanding by performing one or more of the following:

  • Apply procedures directly to the operations of the service organization; or
  • U__ the w__k of another aud____ applying procedures designed to obtain the necessary information.
A

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the nature and significance of the relationship with a service organization using the resources available through the user entity.

In such cases, the auditor will obtain a sufficient understanding by performing one or more of the following:

  • Apply procedures directly to the operations of the service organization; or
  • Use the work of another auditor applying procedures designed to obtain the necessary information.
67
Q

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the nature and significance of the relationship with a service organization using the resources available through the user entity.

In such cases, the auditor will obtain a sufficient understanding by performing one or more of the following:

• Use the work of an______ au_____ applying procedures designed to obtain the necessary information.

A

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the nature and significance of the relationship with a service organization using the resources available through the user entity.

In such cases, the auditor will obtain a sufficient understanding by performing one or more of the following:

• Use the work of another auditor applying procedures designed to obtain the necessary information.

68
Q

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the nature and significance of the relationship with a service organization using the resources available through the user entity.

In such cases, the auditor will obtain a sufficient understanding by performing one or more of the following:

• Use the work of another auditor ap___ing pro_____es designed to obtain the necessary information.

A

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the nature and significance of the relationship with a service organization using the resources available through the user entity.

In such cases, the auditor will obtain a sufficient understanding by performing one or more of the following:

• Use the work of another auditor applying procedures designed to obtain the necessary information.

69
Q

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the nature and significance of the relationship with a service organization using the resources available through the user entity.

In such cases, the auditor will obtain a sufficient understanding by performing one or more of the following:

• Use the work of another auditor applying procedures de____ed to obtain the ne_______y information.

A

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the nature and significance of the relationship with a service organization using the resources available through the user entity.

In such cases, the auditor will obtain a sufficient understanding by performing one or more of the following:

• Use the work of another auditor applying procedures designed to obtain the necessary information.

70
Q

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the nature and significance of the relationship with a service organization using the resources available through the user entity.

In such cases, the auditor will ob____ a suf_____ understanding by performing one or more of the following:

  • Obtaining and reading a type 1 or type 2 report, if available;
  • Obtain information from contact with the service organization, through the user entity;
  • Apply procedures directly to the operations of the service organization; or
  • Use the work of another auditor applying procedures designed to obtain the necessary information.
A

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the nature and significance of the relationship with a service organization using the resources available through the user entity.

In such cases, the auditor will obtain a sufficient understanding by performing one or more of the following:

  • Obtaining and reading a type 1 or type 2 report, if available;
  • Obtain information from contact with the service organization, through the user entity;
  • Apply procedures directly to the operations of the service organization; or
  • Use the work of another auditor applying procedures designed to obtain the necessary information.
71
Q

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the nature and significance of the relationship with a service organization using the resources available through the user entity.

In such cases, the auditor will obtain a sufficient understanding by performing one or more of the following:

  • Ob_______g and r____ing a type 1 or type 2 report, if available;
  • Ob____ information from contact with the service organization, through the user entity;
  • Apply procedures directly to the operations of the service organization; or
  • Use the work of another auditor applying procedures designed to obtain the necessary information.
A

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the nature and significance of the relationship with a service organization using the resources available through the user entity.

In such cases, the auditor will obtain a sufficient understanding by performing one or more of the following:

  • Obtaining and reading a type 1 or type 2 report, if available;
  • Obtain information from contact with the service organization, through the user entity;
  • Apply procedures directly to the operations of the service organization; or
  • Use the work of another auditor applying procedures designed to obtain the necessary information.
72
Q

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the nature and significance of the relationship with a service organization using the resources available through the user entity.

In such cases, the auditor will obtain a sufficient understanding by performing one or more of the following:

  • Obtaining and reading a t__e 1 or t__e 2 re____, if available;
  • Obtain information from contact with the service organization, through the user entity;
  • Apply procedures directly to the operations of the service organization; or
  • Use the work of another auditor applying procedures designed to obtain the necessary information.
A

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the nature and significance of the relationship with a service organization using the resources available through the user entity.

In such cases, the auditor will obtain a sufficient understanding by performing one or more of the following:

  • Obtaining and reading a type 1 or type 2 report, if available;
  • Obtain information from contact with the service organization, through the user entity;
  • Apply procedures directly to the operations of the service organization; or
  • Use the work of another auditor applying procedures designed to obtain the necessary information.
73
Q

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the nature and significance of the relationship with a service organization using the resources available through the user entity.

In such cases, the auditor will obtain a sufficient understanding by performing one or more of the following:

  • Obtaining and reading a type 1 or type 2 report, if available;
  • Obtain info_______ from contact with the ser____ organization, through the u___ entity;
  • Apply procedures directly to the operations of the service organization; or
  • Use the work of another auditor applying procedures designed to obtain the necessary information.
A

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the nature and significance of the relationship with a service organization using the resources available through the user entity.

In such cases, the auditor will obtain a sufficient understanding by performing one or more of the following:

  • Obtaining and reading a type 1 or type 2 report, if available;
  • Obtain information from contact with the service organization, through the user entity;
  • Apply procedures directly to the operations of the service organization; or
  • Use the work of another auditor applying procedures designed to obtain the necessary information.
74
Q

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the nature and significance of the relationship with a service organization using the resources available through the user entity.

In such cases, the auditor will obtain a sufficient understanding by performing one or more of the following:

  • Obtaining and reading a type 1 or type 2 report, if available;
  • Obtain information from contact with the service organization, through the user entity;
  • A__ly pro_______s directly to the operations of the service organization; or
  • Use the work of another auditor applying procedures designed to obtain the necessary information.
A

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the nature and significance of the relationship with a service organization using the resources available through the user entity.

In such cases, the auditor will obtain a sufficient understanding by performing one or more of the following:

  • Obtaining and reading a type 1 or type 2 report, if available;
  • Obtain information from contact with the service organization, through the user entity;
  • Apply procedures directly to the operations of the service organization; or
  • Use the work of another auditor applying procedures designed to obtain the necessary information.
75
Q

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the nature and significance of the relationship with a service organization using the resources available through the user entity.

In such cases, the auditor will obtain a sufficient understanding by performing one or more of the following:

  • Obtaining and reading a type 1 or type 2 report, if available;
  • Obtain information from contact with the service organization, through the user entity;
  • Apply procedures directly to the op________s of the ser____ organization; or
  • Use the work of another auditor applying procedures designed to obtain the necessary information.
A

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the nature and significance of the relationship with a service organization using the resources available through the user entity.

In such cases, the auditor will obtain a sufficient understanding by performing one or more of the following:

  • Obtaining and reading a type 1 or type 2 report, if available;
  • Obtain information from contact with the service organization, through the user entity;
  • Apply procedures directly to the operations of the service organization; or
  • Use the work of another auditor applying procedures designed to obtain the necessary information.
76
Q

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the nature and significance of the relationship with a service organization using the resources available through the user entity.

In such cases, the auditor will obtain a sufficient understanding by performing one or more of the following:

  • Obtaining and reading a type 1 or type 2 report, if available;
  • Obtain information from contact with the service organization, through the user entity;
  • Apply procedures directly to the operations of the service organization; or
  • U__ the w__k of another au_____ applying procedures designed to obtain the necessary information.
A

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the nature and significance of the relationship with a service organization using the resources available through the user entity.

In such cases, the auditor will obtain a sufficient understanding by performing one or more of the following:

  • Obtaining and reading a type 1 or type 2 report, if available;
  • Obtain information from contact with the service organization, through the user entity;
  • Apply procedures directly to the operations of the service organization; or
  • Use the work of another auditor applying procedures designed to obtain the necessary information.
77
Q

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the nature and significance of the relationship with a service organization using the resources available through the user entity.

In such cases, the auditor will obtain a sufficient understanding by performing one or more of the following:

  • Obtaining and reading a type 1 or type 2 report, if available;
  • Obtain information from contact with the service organization, through the user entity;
  • Apply procedures directly to the operations of the service organization; or
  • Use the work of another auditor ap___ing pro_______s designed to obtain the necessary information.
A

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the nature and significance of the relationship with a service organization using the resources available through the user entity.

In such cases, the auditor will obtain a sufficient understanding by performing one or more of the following:

  • Obtaining and reading a type 1 or type 2 report, if available;
  • Obtain information from contact with the service organization, through the user entity;
  • Apply procedures directly to the operations of the service organization; or
  • Use the work of another auditor applying procedures designed to obtain the necessary information.
78
Q

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the nature and significance of the relationship with a service organization using the resources available through the user entity.

In such cases, the auditor will obtain a sufficient understanding by performing one or more of the following:

  • Obtaining and reading a type 1 or type 2 report, if available;
  • Obtain information from contact with the service organization, through the user entity;
  • Apply procedures directly to the operations of the service organization; or
  • Use the work of another auditor applying procedures de____ed to ob___n the necessary info________.
A

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the nature and significance of the relationship with a service organization using the resources available through the user entity.

In such cases, the auditor will obtain a sufficient understanding by performing one or more of the following:

  • Obtaining and reading a type 1 or type 2 report, if available;
  • Obtain information from contact with the service organization, through the user entity;
  • Apply procedures directly to the operations of the service organization; or
  • Use the work of another auditor applying procedures designed to obtain the necessary information.
79
Q

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the nature and significance of the relationship with a service organization using the resources available through the user entity.

In such cases, the auditor will ob____ a sufficient und________ing by performing one or more of the following:

  • Obtaining and reading a type 1 or type 2 report, if available;
  • Obtain information from contact with the service organization, through the user entity;
  • Apply procedures directly to the operations of the service organization; or
  • Use the work of another auditor applying procedures designed to obtain the necessary information.
A

Service Organizations

In some cases, the auditor will be unable to obtain a sufficient understanding of the nature and significance of the relationship with a service organization using the resources available through the user entity.

In such cases, the auditor will obtain a sufficient understanding by performing one or more of the following:

  • Obtaining and reading a type 1 or type 2 report, if available;
  • Obtain information from contact with the service organization, through the user entity;
  • Apply procedures directly to the operations of the service organization; or
  • Use the work of another auditor applying procedures designed to obtain the necessary information.
80
Q

Service Organizations

There are t__ reports that the auditor of a service organization may issue:

  • A type 1 report
  • A type 2 report
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

  • A type 1 report
  • A type 2 report
81
Q

Service Organizations

There are two reports that the auditor of a se____ organization may issue:

• A t___ 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

• A t___ 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

82
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the s_____ility of the d____n of the controls.

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the op____ing effe_____ess of the controls.

A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

83
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a re____ on management’s de________n of the service organization’s system of controls and the suitability of the design of the con____s.

• A type 2 report
is a re____ on management’s de________n of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the con____s.

A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

84
Q

Service Organizations

There are two reports that the au_____ of a se_____ organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

85
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Management’s des\_\_\_\_\_\_ of the system;

 o Management’s written ass\_\_\_\_\_n that, in all material respects, based on appropriate criteria,

 o A report from the auditor of the service organization, referred to as the service auditor, expressing an opinion in relation to management’s written assertions.
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

 o A report from the auditor of the service organization, referred to as the service auditor, expressing an opinion in relation to management’s written assertions.
86
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Ma\_\_\_\_\_\_\_\_’s description of the system;

 o Ma\_\_\_\_\_\_\_\_’s written assertion that, in all material respects, based on appropriate criteria,

 o A report the service auditor, expressing an op\_\_\_\_\_ in relation to management’s written assertions.
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

 o A report the service auditor, expressing an opinion in relation to management’s written assertions.
87
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Management’s description of the sy\_\_\_\_;

 o Management’s wri\_\_\_\_\_ ass\_\_\_\_\_\_n that, in all material respects, based on appropriate criteria,

 o A report the service auditor, expressing an opinion in relation to management’s written assertions.
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

 o A report the service auditor, expressing an opinion in relation to management’s written assertions.
88
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Management’s des\_\_\_\_\_\_\_ of the sy\_\_\_\_;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

 o A report the service auditor, expressing an opinion in relation to management’s written assertions.
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

 o A report the service auditor, expressing an opinion in relation to management’s written assertions.
89
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on m_________’s de_______ of the service organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

 o A report the service auditor, expressing an opinion in relation to management’s written assertions.
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

 o A report the service auditor, expressing an opinion in relation to management’s written assertions.
90
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of co_____s and the s_____ity of the de____ of the controls.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

 o A report the service auditor, expressing an opinion in relation to management’s written assertions.
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

 o A report the service auditor, expressing an opinion in relation to management’s written assertions.
91
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Management’s description of the system;

 o Management’s wri\_\_\_\_\_ ass\_\_\_\_\_\_ that, in all ma\_\_\_\_\_ respects, based on appropriate criteria,

 o A report the service auditor, expressing an opinion in relation to management’s written assertions.
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

 o A report the service auditor, expressing an opinion in relation to management’s written assertions.
92
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

 o A re\_\_\_\_ the ser\_\_\_\_ auditor, expressing an op\_\_\_\_\_ in relation to management’s written assertions.
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

 o A report the service auditor, expressing an opinion in relation to management’s written assertions.
93
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

 o A report the service auditor, expressing an opinion in rel\_\_\_\_\_ to m\_\_\_\_\_\_\_\_\_\_’s written as\_\_\_\_\_\_\_s.
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

 o A report the service auditor, expressing an opinion in relation to management’s written assertions.
94
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the su______ty of the de____ of the controls.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

 o A report the service auditor, expressing an opinion in relation to management’s written assertions.
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

 o A report the service auditor, expressing an opinion in relation to management’s written assertions.
95
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date and
      ▪ Controls related to objectives stated in management’s description were suitably designed to achieve those objectives;
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date and
      ▪ Controls related to objectives stated in management’s description were suitably designed to achieve those objectives; and

 o A report from the auditor of the service organization, referred to as the service auditor, expressing an opinion in relation to management’s written assertions.
96
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Management’s wr\_\_\_\_ ass\_\_\_\_\_\_\_ that, in all material respects, based on appropriate criteria,

      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date and
      ▪ Controls related to objectives stated in management’s description were suitably designed to achieve those objectives;
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date and
      ▪ Controls related to objectives stated in management’s description were suitably designed to achieve those objectives;
97
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The des\_\_\_\_\_\_ of the sys\_\_\_\_ fairly presents the system that was designed and implemented as of a specified date
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date
98
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The description of the system f\_\_\_ly pre\_\_\_\_s the system that was designed and implemented as of a specified date
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date
99
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The description of the system fairly presents the sys\_\_\_\_ that was de\_\_\_\_ed and im\_\_\_\_\_\_\_ed as of a specified date
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date
100
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The description of the system fairly presents the system that was designed and implemented as of a sp\_\_\_\_\_ed d\_\_\_ and
      ▪ Controls related to objectives stated in management’s description were suitably designed to achieve those objectives;
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date and
      ▪ Controls related to objectives stated in management’s description were suitably designed to achieve those objectives;
101
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date and
      ▪ Con\_\_\_\_s related to obj\_\_\_\_\_\_s stated in management’s description were suitably designed to achieve those objectives;
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date and
      ▪ Controls related to objectives stated in management’s description were suitably designed to achieve those objectives;
102
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date and
      ▪ Controls related to objectives stated in m\_\_\_\_\_\_\_\_\_t’s des\_\_\_\_\_\_\_ were suitably designed to achieve those objectives;
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date and
      ▪ Controls related to objectives stated in management’s description were suitably designed to achieve those objectives;
103
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date and
      ▪ Controls related to objectives stated in management’s description were s\_\_\_\_\_ly de\_\_\_\_ed to achieve those objectives;
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date and
      ▪ Controls related to objectives stated in management’s description were suitably designed to achieve those objectives;
104
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date and
      ▪ Controls related to objectives stated in management’s description were suitably designed to a\_\_\_\_\_\_ those obj\_\_\_\_\_\_s;
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date and
      ▪ Controls related to objectives stated in management’s description were suitably designed to achieve those objectives;
105
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a re____ on management’s des_______ of the ser____ organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date and
      ▪ Controls related to objectives stated in management’s description were suitably designed to achieve those objectives;
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date and
      ▪ Controls related to objectives stated in management’s description were suitably designed to achieve those objectives;
106
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The description of the sy\_\_\_\_ fairly presents the system that was de\_\_\_\_ed and im\_\_\_\_\_\_\_ed as of a specified date and
      ▪ Co\_\_\_\_\_s related to objectives stated in management’s description were suitably designed to achieve those obj\_\_\_\_\_\_s;
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date and
      ▪ Controls related to objectives stated in management’s description were suitably designed to achieve those objectives;
107
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Management’s des\_\_\_\_\_\_\_ of the system;

 o Management’s written ass\_\_\_\_\_\_ that, in all material respects, based on appropriate criteria,
      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date and
      ▪ Controls related to objectives stated in management’s description were suitably designed to achieve those objectives; and

 o A report from the service auditor, expressing an opi\_\_\_\_\_ in relation to management’s written ass\_\_\_\_\_\_s.
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,
      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date and
      ▪ Controls related to objectives stated in management’s description were suitably designed to achieve those objectives; and

 o A report from the service auditor, expressing an opinion in relation to management’s written assertions.
108
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,
      ▪ The de\_\_\_\_\_\_\_\_ of the system fairly pr\_\_\_\_\_\_s the system that was designed and implemented as of a specified date and
      ▪ Co\_\_\_\_\_s related to ob\_\_\_\_\_\_s stated in management’s description were suitably designed to achieve those objectives; and

 o A report from the service auditor, expressing an opinion in relation to management’s written assertions.
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,
      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date and
      ▪ Controls related to objectives stated in management’s description were suitably designed to achieve those objectives; and

 o A report from the service auditor, expressing an opinion in relation to management’s written assertions.
109
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,
      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date and
      ▪ Controls related to objectives stated in management’s description were suitably designed to achieve those objectives; and

 o A report from the service auditor, expressing an opinion in relation to management’s written assertions.

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date,
      ▪ Controls related to objectives stated in management’s description were suitably designed to achieve those objectives, and
      ▪ The controls related to the specified objectives were operating effectively throughout the specified period; and

 o A report from the service auditor, expressing an opinion in relation to management’s written assertions and describing the tests of controls performed and the results of those tests.
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 1 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of the controls.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,
      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date and
      ▪ Controls related to objectives stated in management’s description were suitably designed to achieve those objectives; and

 o A report from the service auditor, expressing an opinion in relation to management’s written assertions.

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date,
      ▪ Controls related to objectives stated in management’s description were suitably designed to achieve those objectives, and
      ▪ The controls related to the specified objectives were operating effectively throughout the specified period; and

 o A report from the service auditor, expressing an opinion in relation to management’s written assertions and describing the tests of controls performed and the results of those tests.
110
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a re____ on management’s de________ of the service organization’s system of con____s and the suitability of the design of and the operating effectiveness of the controls.

A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

111
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the s_____ility of the de____ of and the o____ing eff_______ss of the controls.

A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

112
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on m_________’s des_____ of the service organization’s system of controls and the suitability of the design of and the op____ing eff_______ess of the con____s.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

 o A report from the service auditor, expressing an opinion in relation to management’s written assertions and describing the tests of controls performed and the results of those tests.
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

 o A report from the service auditor, expressing an opinion in relation to management’s written assertions and describing the tests of controls performed and the results of those tests.
113
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o M\_\_\_\_\_\_\_\_\_’s description of the system;

 o M\_\_\_\_\_\_\_\_\_’s written assertion that, in all material respects, based on appropriate criteria,

 o A report from the service auditor, expressing an op\_\_\_\_\_\_ in relation to management’s written assertions and describing the tests of controls performed and the results of those tests.
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

 o A report from the service auditor, expressing an opinion in relation to management’s written assertions and describing the tests of controls performed and the results of those tests.
114
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s des\_\_\_\_\_\_\_of the sy\_\_\_\_;

 o Management’s wr\_\_\_\_\_ ass\_\_\_\_\_\_ that, in all material respects, based on appropriate criteria,

 o A report from the service auditor, expressing an opinion in relation to management’s written assertions and describing the tests of controls performed and the results of those tests.
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

 o A report from the service auditor, expressing an opinion in relation to management’s written assertions and describing the tests of controls performed and the results of those tests.
115
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in a\_\_ ma\_\_\_\_\_ res\_\_\_\_\_s, based on appropriate criteria,

 o A report from the service auditor, expressing an opinion in relation to management’s written assertions and describing the tests of controls performed and the results of those tests.
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

 o A report from the service auditor, expressing an opinion in relation to management’s written assertions and describing the tests of controls performed and the results of those tests.
116
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

 o A report from the service auditor, ex\_\_\_\_\_ing an opinion in relation to management’s written ass\_\_\_\_\_\_s and describing the tests of controls performed and the results of those tests.
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

 o A report from the service auditor, expressing an opinion in relation to management’s written assertions and describing the tests of controls performed and the results of those tests.
117
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

 o A report from the service auditor, expressing an opinion in relation to management’s written assertions and de\_\_\_\_\_ing the tests of co\_\_\_\_\_s per\_\_\_\_\_ed and the results of those tests.
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

 o A report from the service auditor, expressing an opinion in relation to management’s written assertions and describing the tests of controls performed and the results of those tests.
118
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

 o A report from the service auditor, expressing an opinion in relation to management’s written assertions and describing the tests of controls performed and the re\_\_\_\_s of those t\_\_\_\_.
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

 o A report from the service auditor, expressing an opinion in relation to management’s written assertions and describing the tests of controls performed and the results of those tests.
119
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

 o A report from the ser\_\_\_\_ au\_\_\_\_\_, expressing an opinion in relation to management’s written assertions and describing the tests of controls performed and the results of those tests.
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

 o A report from the service auditor, expressing an opinion in relation to management’s written assertions and describing the tests of controls performed and the results of those tests.
120
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s des\_\_\_\_\_\_ of the system;

 o Management’s written ass\_\_\_\_\_\_ that, in all material respects, based on appropriate criteria,

 o A report from the service auditor, expressing an opi\_\_\_\_\_ in relation to management’s written ass\_\_\_\_\_s and describing the tests of controls performed and the results of those tests.
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

 o A report from the service auditor, expressing an opinion in relation to management’s written assertions and describing the tests of controls performed and the results of those tests.
121
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s wr\_\_\_\_\_ ass\_\_\_\_\_ that, in all material respects, based on app\_\_\_\_\_\_\_ criteria,

      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date,

      ▪ Controls related to objectives stated in management’s description were suitably designed to achieve those objectives, and

      ▪ The controls related to the specified objectives were operating effectively throughout the specified period;
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,
      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date,
      ▪ Controls related to objectives stated in management’s description were suitably designed to achieve those objectives, and
      ▪ The controls related to the specified objectives were operating effectively throughout the specified period; and

 o A report from the service auditor, expressing an opinion in relation to management’s written assertions and describing the tests of controls performed and the results of those tests.
122
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The de\_\_\_\_\_\_\_ of the sy\_\_\_\_ fairly presents the system that was designed and implemented as of a specified date,
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date,
123
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The description of the system f\_\_\_ly pr\_\_\_\_\_\_\_s the sy\_\_\_\_ that was designed and implemented as of a specified date,
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date,
124
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The description of the system fairly presents the system that was de\_\_\_\_ed and im\_\_\_\_\_\_\_ed as of a specified d\_\_\_,
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date,
125
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date,

      ▪ Con\_\_\_\_s related to obj\_\_\_\_\_s stated in management’s des\_\_\_\_\_\_\_ were suitably designed to achieve those objectives
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date,

      ▪ Controls related to objectives stated in management’s description were suitably designed to achieve those objectives
126
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date,

      ▪ Controls related to objectives stated in management’s description were s\_\_\_\_\_\_ly de\_\_\_\_ed to achieve those obj\_\_\_\_\_\_s,
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date,

      ▪ Controls related to objectives stated in management’s description were suitably designed to achieve those objectives,
127
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date,

      ▪ Controls r\_\_\_\_\_\_\_d to obj\_\_\_\_\_\_es stated in management’s description were suitably designed to achieve those objectives,
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date,

      ▪ Controls related to objectives stated in management’s description were suitably designed to achieve those objectives,
128
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date,

      ▪ Controls related to objectives stated in management’s description were suitably designed to ach\_\_\_\_\_ those obj\_\_\_\_\_s, and

      ▪ The controls related to the specified objectives were operating effectively throughout the specified period;
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date,

      ▪ Controls related to objectives stated in management’s description were suitably designed to achieve those objectives, and

      ▪ The controls related to the specified objectives were operating effectively throughout the specified period;
129
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date,

      ▪ Controls related to objectives stated in management’s description were suitably designed to achieve those objectives, and

      ▪ The con\_\_\_\_s related to the specified obj\_\_\_\_\_s were operating effectively throughout the specified period;
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date,

      ▪ Controls related to objectives stated in management’s description were suitably designed to achieve those objectives, and

      ▪ The controls related to the specified objectives were operating effectively throughout the specified period;
130
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date,

      ▪ Controls related to objectives stated in management’s description were suitably designed to achieve those objectives, and

      ▪ The controls related to the specified objectives were op\_\_\_\_\_ing eff\_\_\_\_\_\_ly throughout the specified period;
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date,

      ▪ Controls related to objectives stated in management’s description were suitably designed to achieve those objectives, and

      ▪ The controls related to the specified objectives were operating effectively throughout the specified period;
131
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date,

      ▪ Controls related to objectives stated in management’s description were suitably designed to achieve those objectives, and

      ▪ The controls related to the specified objectives were operating effectively throughout the sp\_\_\_\_\_ied pe\_\_\_\_;
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date,

      ▪ Controls related to objectives stated in management’s description were suitably designed to achieve those objectives, and

      ▪ The controls related to the specified objectives were operating effectively throughout the specified period;
132
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the op_____ing eff_______ess of the co_____s.

It consists of:

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date,

      ▪ Controls related to objectives stated in management’s description were suitably designed to achieve those objectives, and

      ▪ The controls related to the specified objectives were operating effectively throughout the specified period;
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date,

      ▪ Controls related to objectives stated in management’s description were suitably designed to achieve those objectives, and

      ▪ The controls related to the specified objectives were operating effectively throughout the specified period;
133
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a re____ on management’s des_______ of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s written as\_\_\_\_\_\_\_ that, in all material respects, based on appropriate criteria,

      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date,

      ▪ Controls related to objectives stated in management’s description were suitably designed to achieve those objectives, and

      ▪ The controls related to the specified objectives were operating effectively throughout the specified period;
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s written assertion that, in all material respects, based on appropriate criteria,

      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date,

      ▪ Controls related to objectives stated in management’s description were suitably designed to achieve those objectives, and

      ▪ The controls related to the specified objectives were operating effectively throughout the specified period;
134
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s description of the sy\_\_\_\_;

 o Management’s written ass\_\_\_\_\_\_ that, in all material respects, based on appropriate criteria,
      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date,
      ▪ Controls related to objectives stated in management’s description were suitably designed to achieve those objectives, and
      ▪ The controls related to the specified objectives were operating effectively throughout the specified period; and

 o A report from the service auditor, ex\_\_\_\_\_\_ing an op\_\_\_\_\_ in relation to management’s written assertions and describing the tests of controls performed and the results of those tests.
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,
      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date,
      ▪ Controls related to objectives stated in management’s description were suitably designed to achieve those objectives, and
      ▪ The controls related to the specified objectives were operating effectively throughout the specified period; and

 o A report from the service auditor, expressing an opinion in relation to management’s written assertions and describing the tests of controls performed and the results of those tests.
135
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the op____ing ef_______ess of the con____s.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,
      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date,
      ▪ Controls related to objectives stated in management’s description were suitably designed to achieve those objectives, and
      ▪ The controls related to the specified objectives were operating effectively throughout the specified period; and

 o A report from the service auditor, expressing an opinion in relation to management’s written assertions and describing the tests of controls performed and the results of those tests.
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,
      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date,
      ▪ Controls related to objectives stated in management’s description were suitably designed to achieve those objectives, and
      ▪ The controls related to the specified objectives were operating effectively throughout the specified period; and

 o A report from the service auditor, expressing an opinion in relation to management’s written assertions and describing the tests of controls performed and the results of those tests.
136
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,
      ▪ The description of the sy\_\_\_\_ fairly presents the system that was designed and implemented as of a specified date,
      ▪ Con\_\_\_\_s related to obj\_\_\_\_\_s stated in management’s description were suitably designed to achieve those objectives, and
      ▪ The controls related to the specified objectives were operating effectively throughout the specified period; and

 o A report from the service auditor, expressing an opinion in relation to management’s written assertions and describing the tests of controls performed and the results of those tests.
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,
      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date,
      ▪ Controls related to objectives stated in management’s description were suitably designed to achieve those objectives, and
      ▪ The controls related to the specified objectives were operating effectively throughout the specified period; and

 o A report from the service auditor, expressing an opinion in relation to management’s written assertions and describing the tests of controls performed and the results of those tests.
137
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,
      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date,
      ▪ Controls related to objectives stated in management’s description were suitably designed to achieve those objectives, and
      ▪ The co\_\_\_\_\_s related to the specified objectives were op\_\_\_\_\_ing eff\_\_\_\_\_\_ly throughout the specified period; and

 o A report from the service auditor, expressing an opinion in relation to management’s written assertions and describing the tests of controls performed and the results of those tests.
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,
      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date,
      ▪ Controls related to objectives stated in management’s description were suitably designed to achieve those objectives, and
      ▪ The controls related to the specified objectives were operating effectively throughout the specified period; and

 o A report from the service auditor, expressing an opinion in relation to management’s written assertions and describing the tests of controls performed and the results of those tests.
138
Q

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,
      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date,
      ▪ Controls related to objectives stated in management’s description were suitably designed to achieve those objectives, and
      ▪ The controls related to the specified objectives were operating effectively throughout the specified period; and

 o A report from the service auditor, expressing an opinion in relation to management’s written assertions and describing the tests of controls performed and the results of those tests.
A

Service Organizations

There are two reports that the auditor of a service organization may issue:

• A type 2 report
is a report on management’s description of the service organization’s system of controls and the suitability of the design of and the operating effectiveness of the controls.

It consists of:

 o Management’s description of the system;

 o Management’s written assertion that, in all material respects, based on appropriate criteria,
      ▪ The description of the system fairly presents the system that was designed and implemented as of a specified date,
      ▪ Controls related to objectives stated in management’s description were suitably designed to achieve those objectives, and
      ▪ The controls related to the specified objectives were operating effectively throughout the specified period; and

 o A report from the service auditor, expressing an opinion in relation to management’s written assertions and describing the tests of controls performed and the results of those tests.
139
Q

Service Organizations

To rely upon a type 1 or type 2 report, the auditor should:

  • Determine that the date of a type 1 report, or the period covered by a type 2 report is appropriate for the auditor’s needs;
  • Evaluate whether the evidence provided by the report is appropriate and sufficient for the purpose of obtaining an understanding of the user’s internal control; and
  • Determine if the user entity has developed controls that are complementary to those of the service organization that address risks of material misstatement relating to relevant assertions in the user’s financial statements.
A

Service Organizations

To rely upon a type 1 or type 2 report, the auditor should:

  • Determine that the date of a type 1 report, or the period covered by a type 2 report is appropriate for the auditor’s needs;
  • Evaluate whether the evidence provided by the report is appropriate and sufficient for the purpose of obtaining an understanding of the user’s internal control; and
  • Determine if the user entity has developed controls that are complementary to those of the service organization that address risks of material misstatement relating to relevant assertions in the user’s financial statements.

CPA AUD Flashcards (62 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions